D7921.id21518.diff
No OneTemporary
Actions

Size

2 KB

Referenced Files

None

Subscribers

None

D7921.id21518.diff
View Options

	Index: usr.bin/ktrdump/ktrdump.c
	===================================================================
	--- usr.bin/ktrdump/ktrdump.c
	+++ usr.bin/ktrdump/ktrdump.c
	@@ -29,11 +29,14 @@
	__FBSDID("$FreeBSD$");

	#include <sys/types.h>
	+#include <sys/capsicum.h>
	#include <sys/ktr.h>
	#include <sys/mman.h>
	#include <sys/stat.h>

	+#include <capsicum_helpers.h>
	#include <err.h>
	+#include <errno.h>
	#include <fcntl.h>
	#include <kvm.h>
	#include <limits.h>
	@@ -70,6 +73,7 @@

	static char corefile[PATH_MAX];
	static char execfile[PATH_MAX];
	+static char outfile[PATH_MAX] = "stdout";

	static char desc[SBUFLEN];
	static char errbuf[_POSIX2_LINE_MAX];
	@@ -87,6 +91,7 @@
	struct ktr_entry *buf;
	uintmax_t tlast, tnow;
	unsigned long bufptr;
	+ cap_rights_t rights;
	struct stat sb;
	kvm_t *kd;
	FILE *out;
	@@ -122,6 +127,11 @@
	iflag = 1;
	if ((in = open(optarg, O_RDONLY)) == -1)
	err(1, "%s", optarg);
	+ cap_rights_init(&rights, CAP_FSTAT, CAP_MMAP_R);
	+ if (cap_rights_limit(in, &rights) < 0 &&
	+ errno != ENOSYS)
	+ err(1, "unable to limit rights for %s",
	+ optarg);
	break;
	case 'M':
	case 'm':
	@@ -133,6 +143,7 @@
	case 'o':
	if ((out = fopen(optarg, "w")) == NULL)
	err(1, "%s", optarg);
	+ strlcpy(outfile, optarg, sizeof(outfile));
	break;
	case 'q':
	qflag++;
	@@ -155,6 +166,10 @@
	if (ac != 0)
	usage();

	+ cap_rights_init(&rights, CAP_FSTAT, CAP_WRITE);
	+ if (cap_rights_limit(fileno(out), &rights) < 0 && errno != ENOSYS)
	+ err(1, "unable to limit rights for %s", outfile);
	+
	/*
	* Open our execfile and corefile, resolve needed symbols and read in
	* the trace buffer.
	@@ -162,11 +177,28 @@
	if ((kd = kvm_openfiles(Nflag ? execfile : NULL,
	Mflag ? corefile : NULL, NULL, O_RDONLY, errbuf)) == NULL)
	errx(1, "%s", errbuf);
	+
	+ /*
	+ * Cache NLS data, for strerror, for err(3), before entering capability
	+ * mode.
	+ */
	+ caph_cache_catpages();
	+
	if (kvm_nlist(kd, nl) != 0 \|\|
	kvm_read(kd, nl[0].n_value, &version, sizeof(version)) == -1)
	errx(1, "%s", kvm_geterr(kd));
	if (version != KTR_VERSION)
	errx(1, "ktr version mismatch");
	+
	+ /*
	+ * Enter Capsicum sandbox.
	+ *
	+ * kvm_nlist() above uses kldsym(2) for native kernels, and that isn't
	+ * allowed in the sandbox.
	+ */
	+ if (cap_enter() < 0 && errno != ENOSYS)
	+ err(1, "unable to enter capability mode");
	+
	if (iflag) {
	if (fstat(in, &sb) == -1)
	errx(1, "stat");

File Metadata

Mime Type: text/plain
Expires: Tue, Feb 10, 11:22 AM (10 h, 16 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 28622189
Default Alt Text: D7921.id21518.diff (2 KB)

D7921.id21518.diffNo OneTemporaryActions

D7921.id21518.diffView Options

File Metadata

Event Timeline

D7921.id21518.diff
No OneTemporary
Actions

D7921.id21518.diff
View Options