Changeset View
Changeset View
Standalone View
Standalone View
usr.bin/proccontrol/proccontrol.c
| Show First 20 Lines • Show All 42 Lines • ▼ Show 20 Lines | enum { | ||||
| MODE_INVALID, | MODE_INVALID, | ||||
| MODE_TRACE, | MODE_TRACE, | ||||
| MODE_TRAPCAP, | MODE_TRAPCAP, | ||||
| MODE_PROTMAX, | MODE_PROTMAX, | ||||
| MODE_STACKGAP, | MODE_STACKGAP, | ||||
| #ifdef PROC_KPTI_CTL | #ifdef PROC_KPTI_CTL | ||||
| MODE_KPTI, | MODE_KPTI, | ||||
| #endif | #endif | ||||
| #ifdef PROC_LA_CTL | |||||
| MODE_LA57, | |||||
| MODE_LA48, | |||||
| #endif | |||||
| }; | }; | ||||
| static pid_t | static pid_t | ||||
| str2pid(const char *str) | str2pid(const char *str) | ||||
| { | { | ||||
| pid_t res; | pid_t res; | ||||
| char *tail; | char *tail; | ||||
| res = strtol(str, &tail, 0); | res = strtol(str, &tail, 0); | ||||
| if (*tail != '\0') { | if (*tail != '\0') { | ||||
| warnx("non-numeric pid"); | warnx("non-numeric pid"); | ||||
| return (-1); | return (-1); | ||||
| } | } | ||||
| return (res); | return (res); | ||||
| } | } | ||||
| #ifdef PROC_KPTI_CTL | #ifdef PROC_KPTI_CTL | ||||
| #define KPTI_USAGE "|kpti" | #define KPTI_USAGE "|kpti" | ||||
| #else | #else | ||||
| #define KPTI_USAGE | #define KPTI_USAGE | ||||
| #endif | #endif | ||||
| #ifdef PROC_LA_CTL | |||||
| #define LA_USAGE "|la48|la57" | |||||
| #else | |||||
| #define LA_USAGE | |||||
| #endif | |||||
| static void __dead2 | static void __dead2 | ||||
| usage(void) | usage(void) | ||||
| { | { | ||||
| fprintf(stderr, "Usage: proccontrol -m (aslr|protmax|trace|trapcap|" | fprintf(stderr, "Usage: proccontrol -m (aslr|protmax|trace|trapcap|" | ||||
| "stackgap"KPTI_USAGE") [-q] " | "stackgap"KPTI_USAGE LA_USAGE") [-q] " | ||||
| "[-s (enable|disable)] [-p pid | command]\n"); | "[-s (enable|disable)] [-p pid | command]\n"); | ||||
| exit(1); | exit(1); | ||||
| } | } | ||||
| int | int | ||||
| main(int argc, char *argv[]) | main(int argc, char *argv[]) | ||||
| { | { | ||||
| int arg, ch, error, mode; | int arg, ch, error, mode; | ||||
| Show All 16 Lines | case 'm': | ||||
| else if (strcmp(optarg, "trapcap") == 0) | else if (strcmp(optarg, "trapcap") == 0) | ||||
| mode = MODE_TRAPCAP; | mode = MODE_TRAPCAP; | ||||
| else if (strcmp(optarg, "stackgap") == 0) | else if (strcmp(optarg, "stackgap") == 0) | ||||
| mode = MODE_STACKGAP; | mode = MODE_STACKGAP; | ||||
| #ifdef PROC_KPTI_CTL | #ifdef PROC_KPTI_CTL | ||||
| else if (strcmp(optarg, "kpti") == 0) | else if (strcmp(optarg, "kpti") == 0) | ||||
| mode = MODE_KPTI; | mode = MODE_KPTI; | ||||
| #endif | #endif | ||||
| #ifdef PROC_LA_CTL | |||||
| else if (strcmp(optarg, "la57") == 0) | |||||
| mode = MODE_LA57; | |||||
| else if (strcmp(optarg, "la48") == 0) | |||||
| mode = MODE_LA48; | |||||
| #endif | |||||
| else | else | ||||
| usage(); | usage(); | ||||
| break; | break; | ||||
| case 's': | case 's': | ||||
| if (strcmp(optarg, "enable") == 0) | if (strcmp(optarg, "enable") == 0) | ||||
| enable = true; | enable = true; | ||||
| else if (strcmp(optarg, "disable") == 0) | else if (strcmp(optarg, "disable") == 0) | ||||
| enable = false; | enable = false; | ||||
| Show All 40 Lines | if (query) { | ||||
| case MODE_STACKGAP: | case MODE_STACKGAP: | ||||
| error = procctl(P_PID, pid, PROC_STACKGAP_STATUS, &arg); | error = procctl(P_PID, pid, PROC_STACKGAP_STATUS, &arg); | ||||
| break; | break; | ||||
| #ifdef PROC_KPTI_CTL | #ifdef PROC_KPTI_CTL | ||||
| case MODE_KPTI: | case MODE_KPTI: | ||||
| error = procctl(P_PID, pid, PROC_KPTI_STATUS, &arg); | error = procctl(P_PID, pid, PROC_KPTI_STATUS, &arg); | ||||
| break; | break; | ||||
| #endif | #endif | ||||
| #ifdef PROC_LA_CTL | |||||
| case MODE_LA57: | |||||
| case MODE_LA48: | |||||
| error = procctl(P_PID, pid, PROC_LA_STATUS, &arg); | |||||
| break; | |||||
| #endif | |||||
| default: | default: | ||||
| usage(); | usage(); | ||||
| break; | break; | ||||
| } | } | ||||
| if (error != 0) | if (error != 0) | ||||
| err(1, "procctl status"); | err(1, "procctl status"); | ||||
| switch (mode) { | switch (mode) { | ||||
| case MODE_ASLR: | case MODE_ASLR: | ||||
| ▲ Show 20 Lines • Show All 79 Lines • ▼ Show 20 Lines | case MODE_KPTI: | ||||
| break; | break; | ||||
| } | } | ||||
| if ((arg & PROC_KPTI_STATUS_ACTIVE) != 0) | if ((arg & PROC_KPTI_STATUS_ACTIVE) != 0) | ||||
| printf(", active\n"); | printf(", active\n"); | ||||
| else | else | ||||
| printf(", not active\n"); | printf(", not active\n"); | ||||
| break; | break; | ||||
| #endif | #endif | ||||
| #ifdef PROC_LA_CTL | |||||
| case MODE_LA57: | |||||
| case MODE_LA48: | |||||
| switch (arg & ~(PROC_LA_STATUS_LA48 | | |||||
| PROC_LA_STATUS_LA57)) { | |||||
| case PROC_LA_CTL_LA48_ON_EXEC: | |||||
| printf("la48 on exec"); | |||||
| break; | |||||
| case PROC_LA_CTL_LA57_ON_EXEC: | |||||
| printf("la57 on exec"); | |||||
| break; | |||||
| case PROC_LA_CTL_DEFAULT_ON_EXEC: | |||||
| printf("default on exec"); | |||||
| break; | |||||
| } | } | ||||
| if ((arg & PROC_LA_STATUS_LA48) != 0) | |||||
| printf(", la48 active\n"); | |||||
| else if ((arg & PROC_LA_STATUS_LA57) != 0) | |||||
| printf(", la57 active\n"); | |||||
| break; | |||||
| #endif | |||||
| } | |||||
| } else { | } else { | ||||
| switch (mode) { | switch (mode) { | ||||
| case MODE_ASLR: | case MODE_ASLR: | ||||
| arg = enable ? PROC_ASLR_FORCE_ENABLE : | arg = enable ? PROC_ASLR_FORCE_ENABLE : | ||||
| PROC_ASLR_FORCE_DISABLE; | PROC_ASLR_FORCE_DISABLE; | ||||
| error = procctl(P_PID, pid, PROC_ASLR_CTL, &arg); | error = procctl(P_PID, pid, PROC_ASLR_CTL, &arg); | ||||
| break; | break; | ||||
| case MODE_TRACE: | case MODE_TRACE: | ||||
| Show All 17 Lines | case MODE_STACKGAP: | ||||
| PROC_STACKGAP_DISABLE_EXEC); | PROC_STACKGAP_DISABLE_EXEC); | ||||
| error = procctl(P_PID, pid, PROC_STACKGAP_CTL, &arg); | error = procctl(P_PID, pid, PROC_STACKGAP_CTL, &arg); | ||||
| break; | break; | ||||
| #ifdef PROC_KPTI_CTL | #ifdef PROC_KPTI_CTL | ||||
| case MODE_KPTI: | case MODE_KPTI: | ||||
| arg = enable ? PROC_KPTI_CTL_ENABLE_ON_EXEC : | arg = enable ? PROC_KPTI_CTL_ENABLE_ON_EXEC : | ||||
| PROC_KPTI_CTL_DISABLE_ON_EXEC; | PROC_KPTI_CTL_DISABLE_ON_EXEC; | ||||
| error = procctl(P_PID, pid, PROC_KPTI_CTL, &arg); | error = procctl(P_PID, pid, PROC_KPTI_CTL, &arg); | ||||
| break; | |||||
| #endif | |||||
| #ifdef PROC_LA_CTL | |||||
| case MODE_LA57: | |||||
| arg = enable ? PROC_LA_CTL_LA57_ON_EXEC : | |||||
| PROC_LA_CTL_DEFAULT_ON_EXEC; | |||||
| error = procctl(P_PID, pid, PROC_LA_CTL, &arg); | |||||
| break; | |||||
| case MODE_LA48: | |||||
| arg = enable ? PROC_LA_CTL_LA48_ON_EXEC : | |||||
| PROC_LA_CTL_DEFAULT_ON_EXEC; | |||||
| error = procctl(P_PID, pid, PROC_LA_CTL, &arg); | |||||
| break; | break; | ||||
| #endif | #endif | ||||
| default: | default: | ||||
| usage(); | usage(); | ||||
| break; | break; | ||||
| } | } | ||||
| if (error != 0) | if (error != 0) | ||||
| err(1, "procctl ctl"); | err(1, "procctl ctl"); | ||||
| if (do_command) { | if (do_command) { | ||||
| error = execvp(argv[0], argv); | error = execvp(argv[0], argv); | ||||
| err(1, "exec"); | err(1, "exec"); | ||||
| } | } | ||||
| } | } | ||||
| exit(0); | exit(0); | ||||
| } | } | ||||