linux_sysvec.c (256281) linux_sysvec.c (258559)
1/*-
2 * Copyright (c) 1994-1996 S��ren Schmidt
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright

--- 13 unchanged lines hidden (view full) ---

22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28
29#include <sys/cdefs.h>
1/*-
2 * Copyright (c) 1994-1996 S��ren Schmidt
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright

--- 13 unchanged lines hidden (view full) ---

22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28
29#include <sys/cdefs.h>
30__FBSDID("$FreeBSD: stable/10/sys/i386/linux/linux_sysvec.c 246085 2013-01-29 18:41:30Z jhb $");
30__FBSDID("$FreeBSD: stable/10/sys/i386/linux/linux_sysvec.c 258559 2013-11-25 15:58:48Z emaste $");
31
32#include <sys/param.h>
33#include <sys/systm.h>
34#include <sys/exec.h>
35#include <sys/fcntl.h>
36#include <sys/imgact.h>
37#include <sys/imgact_aout.h>
38#include <sys/imgact_elf.h>

--- 640 unchanged lines hidden (view full) ---

679 if (copyin(args->sfp, &frame, sizeof(frame)) != 0)
680 return (EFAULT);
681
682 /*
683 * Check for security violations.
684 */
685#define EFLAGS_SECURE(ef, oef) ((((ef) ^ (oef)) & ~PSL_USERCHANGE) == 0)
686 eflags = frame.sf_sc.sc_eflags;
31
32#include <sys/param.h>
33#include <sys/systm.h>
34#include <sys/exec.h>
35#include <sys/fcntl.h>
36#include <sys/imgact.h>
37#include <sys/imgact_aout.h>
38#include <sys/imgact_elf.h>

--- 640 unchanged lines hidden (view full) ---

679 if (copyin(args->sfp, &frame, sizeof(frame)) != 0)
680 return (EFAULT);
681
682 /*
683 * Check for security violations.
684 */
685#define EFLAGS_SECURE(ef, oef) ((((ef) ^ (oef)) & ~PSL_USERCHANGE) == 0)
686 eflags = frame.sf_sc.sc_eflags;
687 /*
688 * XXX do allow users to change the privileged flag PSL_RF. The
689 * cpu sets PSL_RF in tf_eflags for faults. Debuggers should
690 * sometimes set it there too. tf_eflags is kept in the signal
691 * context during signal handling and there is no other place
692 * to remember it, so the PSL_RF bit may be corrupted by the
693 * signal handler without us knowing. Corruption of the PSL_RF
694 * bit at worst causes one more or one less debugger trap, so
695 * allowing it is fairly harmless.
696 */
697 if (!EFLAGS_SECURE(eflags & ~PSL_RF, regs->tf_eflags & ~PSL_RF))
687 if (!EFLAGS_SECURE(eflags, regs->tf_eflags))
698 return(EINVAL);
699
700 /*
701 * Don't allow users to load a valid privileged %cs. Let the
702 * hardware check for invalid selectors, excess privilege in
703 * other selectors, invalid %eip's and invalid %esp's.
704 */
705#define CS_SECURE(cs) (ISPL(cs) == SEL_UPL)

--- 74 unchanged lines hidden (view full) ---

780
781 context = &uc.uc_mcontext;
782
783 /*
784 * Check for security violations.
785 */
786#define EFLAGS_SECURE(ef, oef) ((((ef) ^ (oef)) & ~PSL_USERCHANGE) == 0)
787 eflags = context->sc_eflags;
688 return(EINVAL);
689
690 /*
691 * Don't allow users to load a valid privileged %cs. Let the
692 * hardware check for invalid selectors, excess privilege in
693 * other selectors, invalid %eip's and invalid %esp's.
694 */
695#define CS_SECURE(cs) (ISPL(cs) == SEL_UPL)

--- 74 unchanged lines hidden (view full) ---

770
771 context = &uc.uc_mcontext;
772
773 /*
774 * Check for security violations.
775 */
776#define EFLAGS_SECURE(ef, oef) ((((ef) ^ (oef)) & ~PSL_USERCHANGE) == 0)
777 eflags = context->sc_eflags;
788 /*
789 * XXX do allow users to change the privileged flag PSL_RF. The
790 * cpu sets PSL_RF in tf_eflags for faults. Debuggers should
791 * sometimes set it there too. tf_eflags is kept in the signal
792 * context during signal handling and there is no other place
793 * to remember it, so the PSL_RF bit may be corrupted by the
794 * signal handler without us knowing. Corruption of the PSL_RF
795 * bit at worst causes one more or one less debugger trap, so
796 * allowing it is fairly harmless.
797 */
798 if (!EFLAGS_SECURE(eflags & ~PSL_RF, regs->tf_eflags & ~PSL_RF))
778 if (!EFLAGS_SECURE(eflags, regs->tf_eflags))
799 return(EINVAL);
800
801 /*
802 * Don't allow users to load a valid privileged %cs. Let the
803 * hardware check for invalid selectors, excess privilege in
804 * other selectors, invalid %eip's and invalid %esp's.
805 */
806#define CS_SECURE(cs) (ISPL(cs) == SEL_UPL)

--- 374 unchanged lines hidden ---
779 return(EINVAL);
780
781 /*
782 * Don't allow users to load a valid privileged %cs. Let the
783 * hardware check for invalid selectors, excess privilege in
784 * other selectors, invalid %eip's and invalid %esp's.
785 */
786#define CS_SECURE(cs) (ISPL(cs) == SEL_UPL)

--- 374 unchanged lines hidden ---
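Review bot: The eflags checks at lines 687 and 778 on the side stamped 258559 now rely entirely on PSL_USERCHANGE to tolerate a differing PSL_RF bit, and that mask's definition is not part of this file section. If the mask does not include PSL_RF on this branch, a saved signal context whose RF bit differs from `regs->tf_eflags` would now be rejected with EINVAL, which the removed comment describes as an ordinary case after faults and debugger activity. It is worth confirming that the companion mask change lands in the same merge, since widening PSL_USERCHANGE also widens what every other user of the mask accepts from userland. The removed comment was the only record of why a privileged flag may pass this security check, so I would keep a short note at both sites, e.g. `/* PSL_RF is user-changeable via PSL_USERCHANGE: at worst one extra or one missed debugger trap. */`. Both enclosing functions start and end outside the visible lines.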