priv_msgbuf.c revision 172106 
11638Srgrimes/*-
21638Srgrimes * Copyright (c) 2007 Robert M. M. Watson
31638Srgrimes * All rights reserved.
41638Srgrimes *
51638Srgrimes * This software was developed by Robert N. M. Watson for the TrustedBSD
61638Srgrimes * Project.
71638Srgrimes *
81638Srgrimes * Redistribution and use in source and binary forms, with or without
91638Srgrimes * modification, are permitted provided that the following conditions
101638Srgrimes * are met:
111638Srgrimes * 1. Redistributions of source code must retain the above copyright
12263142Seadler *    notice, this list of conditions and the following disclaimer.
131638Srgrimes * 2. Redistributions in binary form must reproduce the above copyright
141638Srgrimes *    notice, this list of conditions and the following disclaimer in the
151638Srgrimes *    documentation and/or other materials provided with the distribution.
161638Srgrimes *
171638Srgrimes * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
181638Srgrimes * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
191638Srgrimes * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
201638Srgrimes * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR, NCIRCLE NETWORK SECURITY,
211638Srgrimes * INC., OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
221638Srgrimes * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
231638Srgrimes * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
241638Srgrimes * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
251638Srgrimes * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
261638Srgrimes * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
271638Srgrimes * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
281638Srgrimes *
2950476Speter * $FreeBSD: head/tools/regression/priv/priv_msgbuf.c 172106 2007-09-09 23:08:39Z rwatson $
301638Srgrimes */
311638Srgrimes
321638Srgrimes/*
3379538Sru * Confirm that when security.bsd.unprivileged_read_msgbuf is set to 0,
341638Srgrimes * privilege is required to read the kernel message buffer.
351638Srgrimes */
361638Srgrimes
371638Srgrimes#include <sys/types.h>
381638Srgrimes#include <sys/sysctl.h>
3984306Sru
401638Srgrimes#include <err.h>
411638Srgrimes#include <errno.h>
421638Srgrimes#include <stdio.h>
431638Srgrimes
441638Srgrimes#include "main.h"
451638Srgrimes
461638Srgrimes#define	MSGBUF_CONTROL_NAME	"security.bsd.unprivileged_read_msgbuf"
471638Srgrimes#define	MSGBUF_NAME		"kern.msgbuf"
481638Srgrimes
491638Srgrimes/*
5013744Smpp * We must query and save the original value, then restore it when done.
5179727Sschweikh */
521638Srgrimesstatic int unprivileged_read_msgbuf;
53107788Srustatic int unprivileged_read_msgbuf_initialized;
541638Srgrimes
551638Srgrimesint
561638Srgrimespriv_msgbuf_privonly_setup(int asroot, int injail, struct test *test)
571638Srgrimes{
581638Srgrimes	size_t len;
591638Srgrimes	int newval;
601638Srgrimes
6170466Sru	/*
621638Srgrimes	 * Separately query and set to make debugging easier.
631638Srgrimes	 */
641638Srgrimes	len = sizeof(unprivileged_read_msgbuf);
651638Srgrimes	if (sysctlbyname(MSGBUF_CONTROL_NAME, &unprivileged_read_msgbuf,
661638Srgrimes	    &len, NULL, 0) < 0) {
671638Srgrimes		warn("priv_msgbuf_privonly_setup: sysctlbyname query");
681638Srgrimes		return (-1);
691638Srgrimes	}
701638Srgrimes	newval = 0;
71107788Sru	if (sysctlbyname(MSGBUF_CONTROL_NAME, NULL, NULL, &newval,
721638Srgrimes	    sizeof(newval)) < 0) {
731638Srgrimes		warn("priv_msgbuf_privonly_setup: sysctlbyname set");
7415082Smpp		return (-1);
751638Srgrimes	}
761638Srgrimes	unprivileged_read_msgbuf_initialized = 1;
771638Srgrimes	return (0);
781638Srgrimes}
79119964Sru
8033780Sbdevoid
811638Srgrimespriv_msgbuf_privonly(int asroot, int injail, struct test *test)
8233780Sbde{
8333780Sbde	size_t len;
841638Srgrimes	int error;
8555466Sbde
8655466Sbde	error = sysctlbyname(MSGBUF_NAME, NULL, &len, NULL, 0);
871638Srgrimes	if (asroot && injail)
8833780Sbde		expect("priv_msgbuf_privonly(asroot, injail)", error, -1,
8933780Sbde		    EPERM);
9033780Sbde	if (asroot && !injail)
9133780Sbde		expect("priv_msgbuf_privonly(asroot, !injail)", error, 0, 0);
9233780Sbde	if (!asroot && injail)
9333780Sbde		expect("priv_msgbuf_privonly(!asroot, injail)", error, -1,
9433780Sbde		    EPERM);
9533780Sbde	if (!asroot && !injail)
9633780Sbde		expect("priv_msgbuf_privonly(!asroot, !injail)", error, -1,
971638Srgrimes		    EPERM);
981638Srgrimes}
9955466Sbde
10055466Sbdeint
10155466Sbdepriv_msgbuf_unprivok_setup(int asroot, int injail, struct test *test)
10255466Sbde{
1031638Srgrimes	size_t len;
10433780Sbde	int newval;
1051638Srgrimes
10633780Sbde	/*
10733780Sbde	 * Separately query and set to make debugging easier.
1081638Srgrimes	 */
1091638Srgrimes	len = sizeof(unprivileged_read_msgbuf);
1101638Srgrimes	if (sysctlbyname(MSGBUF_CONTROL_NAME, &unprivileged_read_msgbuf, &len,
11122056Smpp	    NULL, 0) < 0) {
11222056Smpp		warn("priv_msgbuf_unprivok_setup: sysctlbyname query");
11322056Smpp		return (-1);
11433780Sbde	}
11533780Sbde	newval = 1;
11633780Sbde	if (sysctlbyname(MSGBUF_CONTROL_NAME, NULL, NULL, &newval,
11733780Sbde	    sizeof(newval)) < 0) {
11833780Sbde		warn("priv_msgbuf_unprivok_setup: sysctlbyname set");
11933780Sbde		return (-1);
12033780Sbde	}
12133780Sbde	unprivileged_read_msgbuf_initialized = 1;
12233780Sbde	return (0);
12322056Smpp}
12433780Sbde
12533780Sbdevoid
12633780Sbdepriv_msgbuf_unprivok(int asroot, int injail, struct test *test)
12733780Sbde{
12833780Sbde	size_t len;
1291638Srgrimes	int error;
13033780Sbde
13133780Sbde	error = sysctlbyname(MSGBUF_NAME, NULL, &len, NULL, 0);
13233780Sbde	if (asroot && injail)
13333780Sbde		expect("priv_msgbuf_unprivok(asroot, injail)", error, 0, 0);
13433780Sbde	if (asroot && !injail)
13533780Sbde		expect("priv_msgbuf_unprivok(asroot, !injail)", error, 0, 0);
13633780Sbde	if (!asroot && injail)
13733780Sbde		expect("priv_msgbuf_unprivok(!asroot, injail)", error, 0, 0);
1381638Srgrimes	if (!asroot && !injail)
13955466Sbde		expect("priv_msgbuf_unprivok(!asroot, !injail)", error, 0, 0);
14033780Sbde}
1411638Srgrimes
1421638Srgrimesvoid
14333780Sbdepriv_msgbuf_cleanup(int asroot, int injail, struct test *test)
1441638Srgrimes{
1451638Srgrimes
14618480Swosch	if (unprivileged_read_msgbuf_initialized) {
1471638Srgrimes		(void)sysctlbyname(MSGBUF_NAME, NULL, NULL,
1481638Srgrimes		    &unprivileged_read_msgbuf,
1491638Srgrimes		    sizeof(unprivileged_read_msgbuf));
1501638Srgrimes		unprivileged_read_msgbuf_initialized = 0;
1511638Srgrimes	}
1521638Srgrimes}
153140561Sru