From be8479a8365d01aaf3b90ad18a05af5193d05601 Mon Sep 17 00:00:00 2001 From: Poul-Henning Kamp Date: Sun, 7 Nov 1999 12:01:32 +0000 Subject: [PATCH] Remove the iskmemdev() function. Make it the responsibility of the mem.c drivers to enforce the securelevel checks. --- sys/alpha/alpha/mem.c | 22 +++++----------------- sys/amd64/amd64/mem.c | 19 +++++-------------- sys/fs/specfs/spec_vnops.c | 4 +--- sys/i386/i386/mem.c | 19 +++++-------------- sys/miscfs/devfs/devfs_vnops.c | 4 +--- sys/miscfs/specfs/spec_vnops.c | 4 +--- sys/sys/conf.h | 1 - sys/sys/linedisc.h | 1 - 8 files changed, 18 insertions(+), 56 deletions(-) diff --git a/sys/alpha/alpha/mem.c b/sys/alpha/alpha/mem.c index e204b43eef1..4c7f83572db 100644 --- a/sys/alpha/alpha/mem.c +++ b/sys/alpha/alpha/mem.c @@ -123,6 +123,11 @@ mmopen(dev, flags, fmt, p) { switch (minor(dev)) { + case 0: + case 1: + if (securelevel >= 1) + return (EPERM); + break; case 32: #ifdef PERFMON return perfmon_open(dev, flags, fmt, p); @@ -367,23 +372,6 @@ mmpoll(dev, events, p) } } -/* - * Routine that identifies /dev/mem and /dev/kmem. - * - * A minimal stub routine can always return 0. - */ -int -iskmemdev(dev) - dev_t dev; -{ - - return (((major(dev) == mem_cdevsw.d_maj) - && (minor(dev) == 0 || minor(dev) == 1)) -/* or the osf/1 mem device */ - ||((major(dev) == 0) - && (minor(dev) == 0x00200002))); -} - int iszerodev(dev) dev_t dev; diff --git a/sys/amd64/amd64/mem.c b/sys/amd64/amd64/mem.c index 92c7b2d0722..da9084bbd9a 100644 --- a/sys/amd64/amd64/mem.c +++ b/sys/amd64/amd64/mem.c @@ -111,6 +111,11 @@ mmclose(dev, flags, fmt, p) struct proc *p; { switch (minor(dev)) { + case 0: + case 1: + if (securelevel >= 1) + return (EPERM); + break; case 14: curproc->p_md.md_regs->tf_eflags &= ~PSL_IOPL; break; @@ -527,20 +532,6 @@ mmpoll(dev, events, p) } } -/* - * Routine that identifies /dev/mem and /dev/kmem. - * - * A minimal stub routine can always return 0. - */ -int -iskmemdev(dev) - dev_t dev; -{ - - return ((major(dev) == mem_cdevsw.d_maj) - && (minor(dev) == 0 || minor(dev) == 1)); -} - int iszerodev(dev) dev_t dev; diff --git a/sys/fs/specfs/spec_vnops.c b/sys/fs/specfs/spec_vnops.c index c012b153f49..969a124def3 100644 --- a/sys/fs/specfs/spec_vnops.c +++ b/sys/fs/specfs/spec_vnops.c @@ -176,7 +176,7 @@ spec_open(ap) return (EPERM); /* * When running in secure mode, do not allow opens - * for writing of /dev/mem, /dev/kmem, or character + * for writing of character * devices whose corresponding block devices are * currently mounted. */ @@ -186,8 +186,6 @@ spec_open(ap) bvp->v_usecount > 0 && (error = vfs_mountedon(bvp))) return (error); - if (iskmemdev(dev)) - return (EPERM); } } if ((dsw->d_flags & D_TYPEMASK) == D_TTY) diff --git a/sys/i386/i386/mem.c b/sys/i386/i386/mem.c index 92c7b2d0722..da9084bbd9a 100644 --- a/sys/i386/i386/mem.c +++ b/sys/i386/i386/mem.c @@ -111,6 +111,11 @@ mmclose(dev, flags, fmt, p) struct proc *p; { switch (minor(dev)) { + case 0: + case 1: + if (securelevel >= 1) + return (EPERM); + break; case 14: curproc->p_md.md_regs->tf_eflags &= ~PSL_IOPL; break; @@ -527,20 +532,6 @@ mmpoll(dev, events, p) } } -/* - * Routine that identifies /dev/mem and /dev/kmem. - * - * A minimal stub routine can always return 0. - */ -int -iskmemdev(dev) - dev_t dev; -{ - - return ((major(dev) == mem_cdevsw.d_maj) - && (minor(dev) == 0 || minor(dev) == 1)); -} - int iszerodev(dev) dev_t dev; diff --git a/sys/miscfs/devfs/devfs_vnops.c b/sys/miscfs/devfs/devfs_vnops.c index 60267929c4d..96252d46a02 100644 --- a/sys/miscfs/devfs/devfs_vnops.c +++ b/sys/miscfs/devfs/devfs_vnops.c @@ -1353,7 +1353,7 @@ devfs_open( struct vop_open_args *ap) return (EPERM); /* * When running in secure mode, do not allow opens - * for writing of /dev/mem, /dev/kmem, or character + * for writing of character * devices whose corresponding block devices are * currently mounted. */ @@ -1363,8 +1363,6 @@ devfs_open( struct vop_open_args *ap) bvp->v_usecount > 0 && (error = vfs_mountedon(bvp))) return (error); - if (iskmemdev(dev)) - return (EPERM); } } if ((dsw->d_flags & D_TYPEMASK) == D_TTY) diff --git a/sys/miscfs/specfs/spec_vnops.c b/sys/miscfs/specfs/spec_vnops.c index c012b153f49..969a124def3 100644 --- a/sys/miscfs/specfs/spec_vnops.c +++ b/sys/miscfs/specfs/spec_vnops.c @@ -176,7 +176,7 @@ spec_open(ap) return (EPERM); /* * When running in secure mode, do not allow opens - * for writing of /dev/mem, /dev/kmem, or character + * for writing of character * devices whose corresponding block devices are * currently mounted. */ @@ -186,8 +186,6 @@ spec_open(ap) bvp->v_usecount > 0 && (error = vfs_mountedon(bvp))) return (error); - if (iskmemdev(dev)) - return (EPERM); } } if ((dsw->d_flags & D_TYPEMASK) == D_TTY) diff --git a/sys/sys/conf.h b/sys/sys/conf.h index 475f97b5a91..a5805d0c662 100644 --- a/sys/sys/conf.h +++ b/sys/sys/conf.h @@ -266,7 +266,6 @@ struct cdevsw *devsw __P((dev_t dev)); int devsw_module_handler __P((struct module *mod, int what, void *arg)); const char *devtoname __P((dev_t dev)); void freedev __P((dev_t dev)); -int iskmemdev __P((dev_t dev)); int iszerodev __P((dev_t dev)); dev_t makebdev __P((int maj, int min)); dev_t make_dev __P((struct cdevsw *devsw, int minor, uid_t uid, gid_t gid, int perms, char *fmt, ...)) __printflike(6, 7); diff --git a/sys/sys/linedisc.h b/sys/sys/linedisc.h index 475f97b5a91..a5805d0c662 100644 --- a/sys/sys/linedisc.h +++ b/sys/sys/linedisc.h @@ -266,7 +266,6 @@ struct cdevsw *devsw __P((dev_t dev)); int devsw_module_handler __P((struct module *mod, int what, void *arg)); const char *devtoname __P((dev_t dev)); void freedev __P((dev_t dev)); -int iskmemdev __P((dev_t dev)); int iszerodev __P((dev_t dev)); dev_t makebdev __P((int maj, int min)); dev_t make_dev __P((struct cdevsw *devsw, int minor, uid_t uid, gid_t gid, int perms, char *fmt, ...)) __printflike(6, 7); -- 2.45.2