priv_msgbuf.c revision 172106
11638Srgrimes/*- 21638Srgrimes * Copyright (c) 2007 Robert M. M. Watson 31638Srgrimes * All rights reserved. 41638Srgrimes * 51638Srgrimes * This software was developed by Robert N. M. Watson for the TrustedBSD 61638Srgrimes * Project. 71638Srgrimes * 81638Srgrimes * Redistribution and use in source and binary forms, with or without 91638Srgrimes * modification, are permitted provided that the following conditions 101638Srgrimes * are met: 111638Srgrimes * 1. Redistributions of source code must retain the above copyright 12263142Seadler * notice, this list of conditions and the following disclaimer. 131638Srgrimes * 2. Redistributions in binary form must reproduce the above copyright 141638Srgrimes * notice, this list of conditions and the following disclaimer in the 151638Srgrimes * documentation and/or other materials provided with the distribution. 161638Srgrimes * 171638Srgrimes * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 181638Srgrimes * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 191638Srgrimes * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 201638Srgrimes * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR, NCIRCLE NETWORK SECURITY, 211638Srgrimes * INC., OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 221638Srgrimes * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 231638Srgrimes * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 241638Srgrimes * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 251638Srgrimes * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 261638Srgrimes * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 271638Srgrimes * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 281638Srgrimes * 2950476Speter * $FreeBSD: head/tools/regression/priv/priv_msgbuf.c 172106 2007-09-09 23:08:39Z rwatson $ 301638Srgrimes */ 311638Srgrimes 321638Srgrimes/* 3379538Sru * Confirm that when security.bsd.unprivileged_read_msgbuf is set to 0, 341638Srgrimes * privilege is required to read the kernel message buffer. 351638Srgrimes */ 361638Srgrimes 371638Srgrimes#include <sys/types.h> 381638Srgrimes#include <sys/sysctl.h> 3984306Sru 401638Srgrimes#include <err.h> 411638Srgrimes#include <errno.h> 421638Srgrimes#include <stdio.h> 431638Srgrimes 441638Srgrimes#include "main.h" 451638Srgrimes 461638Srgrimes#define MSGBUF_CONTROL_NAME "security.bsd.unprivileged_read_msgbuf" 471638Srgrimes#define MSGBUF_NAME "kern.msgbuf" 481638Srgrimes 491638Srgrimes/* 5013744Smpp * We must query and save the original value, then restore it when done. 5179727Sschweikh */ 521638Srgrimesstatic int unprivileged_read_msgbuf; 53107788Srustatic int unprivileged_read_msgbuf_initialized; 541638Srgrimes 551638Srgrimesint 561638Srgrimespriv_msgbuf_privonly_setup(int asroot, int injail, struct test *test) 571638Srgrimes{ 581638Srgrimes size_t len; 591638Srgrimes int newval; 601638Srgrimes 6170466Sru /* 621638Srgrimes * Separately query and set to make debugging easier. 631638Srgrimes */ 641638Srgrimes len = sizeof(unprivileged_read_msgbuf); 651638Srgrimes if (sysctlbyname(MSGBUF_CONTROL_NAME, &unprivileged_read_msgbuf, 661638Srgrimes &len, NULL, 0) < 0) { 671638Srgrimes warn("priv_msgbuf_privonly_setup: sysctlbyname query"); 681638Srgrimes return (-1); 691638Srgrimes } 701638Srgrimes newval = 0; 71107788Sru if (sysctlbyname(MSGBUF_CONTROL_NAME, NULL, NULL, &newval, 721638Srgrimes sizeof(newval)) < 0) { 731638Srgrimes warn("priv_msgbuf_privonly_setup: sysctlbyname set"); 7415082Smpp return (-1); 751638Srgrimes } 761638Srgrimes unprivileged_read_msgbuf_initialized = 1; 771638Srgrimes return (0); 781638Srgrimes} 79119964Sru 8033780Sbdevoid 811638Srgrimespriv_msgbuf_privonly(int asroot, int injail, struct test *test) 8233780Sbde{ 8333780Sbde size_t len; 841638Srgrimes int error; 8555466Sbde 8655466Sbde error = sysctlbyname(MSGBUF_NAME, NULL, &len, NULL, 0); 871638Srgrimes if (asroot && injail) 8833780Sbde expect("priv_msgbuf_privonly(asroot, injail)", error, -1, 8933780Sbde EPERM); 9033780Sbde if (asroot && !injail) 9133780Sbde expect("priv_msgbuf_privonly(asroot, !injail)", error, 0, 0); 9233780Sbde if (!asroot && injail) 9333780Sbde expect("priv_msgbuf_privonly(!asroot, injail)", error, -1, 9433780Sbde EPERM); 9533780Sbde if (!asroot && !injail) 9633780Sbde expect("priv_msgbuf_privonly(!asroot, !injail)", error, -1, 971638Srgrimes EPERM); 981638Srgrimes} 9955466Sbde 10055466Sbdeint 10155466Sbdepriv_msgbuf_unprivok_setup(int asroot, int injail, struct test *test) 10255466Sbde{ 1031638Srgrimes size_t len; 10433780Sbde int newval; 1051638Srgrimes 10633780Sbde /* 10733780Sbde * Separately query and set to make debugging easier. 1081638Srgrimes */ 1091638Srgrimes len = sizeof(unprivileged_read_msgbuf); 1101638Srgrimes if (sysctlbyname(MSGBUF_CONTROL_NAME, &unprivileged_read_msgbuf, &len, 11122056Smpp NULL, 0) < 0) { 11222056Smpp warn("priv_msgbuf_unprivok_setup: sysctlbyname query"); 11322056Smpp return (-1); 11433780Sbde } 11533780Sbde newval = 1; 11633780Sbde if (sysctlbyname(MSGBUF_CONTROL_NAME, NULL, NULL, &newval, 11733780Sbde sizeof(newval)) < 0) { 11833780Sbde warn("priv_msgbuf_unprivok_setup: sysctlbyname set"); 11933780Sbde return (-1); 12033780Sbde } 12133780Sbde unprivileged_read_msgbuf_initialized = 1; 12233780Sbde return (0); 12322056Smpp} 12433780Sbde 12533780Sbdevoid 12633780Sbdepriv_msgbuf_unprivok(int asroot, int injail, struct test *test) 12733780Sbde{ 12833780Sbde size_t len; 1291638Srgrimes int error; 13033780Sbde 13133780Sbde error = sysctlbyname(MSGBUF_NAME, NULL, &len, NULL, 0); 13233780Sbde if (asroot && injail) 13333780Sbde expect("priv_msgbuf_unprivok(asroot, injail)", error, 0, 0); 13433780Sbde if (asroot && !injail) 13533780Sbde expect("priv_msgbuf_unprivok(asroot, !injail)", error, 0, 0); 13633780Sbde if (!asroot && injail) 13733780Sbde expect("priv_msgbuf_unprivok(!asroot, injail)", error, 0, 0); 1381638Srgrimes if (!asroot && !injail) 13955466Sbde expect("priv_msgbuf_unprivok(!asroot, !injail)", error, 0, 0); 14033780Sbde} 1411638Srgrimes 1421638Srgrimesvoid 14333780Sbdepriv_msgbuf_cleanup(int asroot, int injail, struct test *test) 1441638Srgrimes{ 1451638Srgrimes 14618480Swosch if (unprivileged_read_msgbuf_initialized) { 1471638Srgrimes (void)sysctlbyname(MSGBUF_NAME, NULL, NULL, 1481638Srgrimes &unprivileged_read_msgbuf, 1491638Srgrimes sizeof(unprivileged_read_msgbuf)); 1501638Srgrimes unprivileged_read_msgbuf_initialized = 0; 1511638Srgrimes } 1521638Srgrimes} 153140561Sru