| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
| 1 | /* $NetBSD: kern_verifiedexec.c,v 1.123 2011/01/02 20:50:55 christos Exp $ */ | | 1 | /* $NetBSD: kern_verifiedexec.c,v 1.124 2011/01/08 20:29:13 christos Exp $ */ |
| 2 | | | 2 | |
| 3 | /*- | | 3 | /*- |
| 4 | * Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org> | | 4 | * Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org> |
| 5 | * Copyright (c) 2005, 2006 Brett Lymn <blymn@NetBSD.org> | | 5 | * Copyright (c) 2005, 2006 Brett Lymn <blymn@NetBSD.org> |
| 6 | * All rights reserved. | | 6 | * All rights reserved. |
| 7 | * | | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | | 9 | * modification, are permitted provided that the following conditions |
| 10 | * are met: | | 10 | * are met: |
| 11 | * 1. Redistributions of source code must retain the above copyright | | 11 | * 1. Redistributions of source code must retain the above copyright |
| 12 | * notice, this list of conditions and the following disclaimer. | | 12 | * notice, this list of conditions and the following disclaimer. |
| 13 | * 2. Redistributions in binary form must reproduce the above copyright | | 13 | * 2. Redistributions in binary form must reproduce the above copyright |
| 14 | * notice, this list of conditions and the following disclaimer in the | | 14 | * notice, this list of conditions and the following disclaimer in the |
| @@ -19,27 +19,27 @@ | | | @@ -19,27 +19,27 @@ |
| 19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR | | 19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR |
| 20 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | | 20 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
| 21 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | | 21 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
| 22 | * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT, | | 22 | * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT, |
| 23 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | | 23 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
| 24 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | | 24 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| 25 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | | 25 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 26 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | | 26 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 27 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | | 27 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| 28 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | | 28 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 29 | */ | | 29 | */ |
| 30 | | | 30 | |
| 31 | #include <sys/cdefs.h> | | 31 | #include <sys/cdefs.h> |
| 32 | __KERNEL_RCSID(0, "$NetBSD: kern_verifiedexec.c,v 1.123 2011/01/02 20:50:55 christos Exp $"); | | 32 | __KERNEL_RCSID(0, "$NetBSD: kern_verifiedexec.c,v 1.124 2011/01/08 20:29:13 christos Exp $"); |
| 33 | | | 33 | |
| 34 | #include "opt_veriexec.h" | | 34 | #include "opt_veriexec.h" |
| 35 | | | 35 | |
| 36 | #include <sys/param.h> | | 36 | #include <sys/param.h> |
| 37 | #include <sys/mount.h> | | 37 | #include <sys/mount.h> |
| 38 | #include <sys/kmem.h> | | 38 | #include <sys/kmem.h> |
| 39 | #include <sys/vnode.h> | | 39 | #include <sys/vnode.h> |
| 40 | #include <sys/namei.h> | | 40 | #include <sys/namei.h> |
| 41 | #include <sys/exec.h> | | 41 | #include <sys/exec.h> |
| 42 | #include <sys/once.h> | | 42 | #include <sys/once.h> |
| 43 | #include <sys/proc.h> | | 43 | #include <sys/proc.h> |
| 44 | #include <sys/rwlock.h> | | 44 | #include <sys/rwlock.h> |
| 45 | #include <sys/syslog.h> | | 45 | #include <sys/syslog.h> |
| @@ -154,27 +154,27 @@ sysctl_kern_veriexec_algorithms(SYSCTLFN | | | @@ -154,27 +154,27 @@ sysctl_kern_veriexec_algorithms(SYSCTLFN |
| 154 | if (newp != NULL) | | 154 | if (newp != NULL) |
| 155 | return EPERM; | | 155 | return EPERM; |
| 156 | | | 156 | |
| 157 | if (namelen != 0) | | 157 | if (namelen != 0) |
| 158 | return EINVAL; | | 158 | return EINVAL; |
| 159 | | | 159 | |
| 160 | p = veriexec_fp_names == NULL ? "" : veriexec_fp_names; | | 160 | p = veriexec_fp_names == NULL ? "" : veriexec_fp_names; |
| 161 | | | 161 | |
| 162 | len = strlen(p) + 1; | | 162 | len = strlen(p) + 1; |
| 163 | | | 163 | |
| 164 | if (*oldlenp < len) | | 164 | if (*oldlenp < len) |
| 165 | return ENOMEM; | | 165 | return ENOMEM; |
| 166 | | | 166 | |
| 167 | if ((error = copyout(p, oldp, len)) != 0) | | 167 | if (oldp && (error = copyout(p, oldp, len)) != 0) |
| 168 | return error; | | 168 | return error; |
| 169 | | | 169 | |
| 170 | *oldlenp = len; | | 170 | *oldlenp = len; |
| 171 | return 0; | | 171 | return 0; |
| 172 | } | | 172 | } |
| 173 | | | 173 | |
| 174 | static int | | 174 | static int |
| 175 | sysctl_kern_veriexec_strict(SYSCTLFN_ARGS) | | 175 | sysctl_kern_veriexec_strict(SYSCTLFN_ARGS) |
| 176 | { | | 176 | { |
| 177 | struct sysctlnode node; | | 177 | struct sysctlnode node; |
| 178 | int error, newval; | | 178 | int error, newval; |
| 179 | | | 179 | |
| 180 | node = *rnode; | | 180 | node = *rnode; |