Subject: Re: machdep kauth calls for i386_xxx
To: None <tech-security@netbsd.org, port-i386@netbsd.org,>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: tech-security
Date: 11/08/2006 23:32:08
On Wed, Nov 08, 2006 at 11:30:54PM -0500, Thor Lancelot Simon wrote:
> I think the patch below is correct and allows the removal of some
> unnecessary (and somewhat obfuscatory) kauth requests.  Fundamentally,
> access to the i386 iopl must be assumed to be access to raw memory.

Whoops!  Here's the patch:

Index: amd64/amd64/sys_machdep.c
===================================================================
RCS file: /cvsroot/src/sys/arch/amd64/amd64/sys_machdep.c,v
retrieving revision 1.9
diff -u -r1.9 sys_machdep.c
--- amd64/amd64/sys_machdep.c	19 Sep 2006 22:03:10 -0000	1.9
+++ amd64/amd64/sys_machdep.c	9 Nov 2006 04:26:16 -0000
@@ -392,8 +392,9 @@
 	struct trapframe *tf = l->l_md.md_regs;
 	struct x86_64_iopl_args ua;
 
-	if (kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_X86,
-	    KAUTH_REQ_MACHDEP_X86_IOPL, NULL, NULL, NULL))
+	if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_RAWIO,
+	    KAUTH_REQ_SYSTEM_RAWIO_MEMORY, KAUTH_REQ_SYSTEM_RAWIO_RW,
+	    NULL, NULL))
 		return EPERM;
 
 	if ((error = copyin(args, &ua, sizeof(ua))) != 0)
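Review bot: `KAUTH_REQ_SYSTEM_RAWIO_RW` is passed bare in the fourth argument slot, where the removed kauth_authorize_machdep call passed `NULL`. If that parameter of kauth_authorize_system is a pointer, as the `NULL` suggests, the integer constant needs an explicit conversion, e.g. `(void *)KAUTH_REQ_SYSTEM_RAWIO_RW,`, or the kernel build will warn or fail on it. The same applies to the other three converted calls in this patch (the second amd64 hunk and both i386 hunks). The enclosing function starts and ends outside the hunk.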
@@ -435,8 +436,9 @@
 	struct pcb *pcb = &p->p_addr->u_pcb;
 	struct x86_64_set_ioperm_args ua;
 
-	if (kauth_authorize_machdep(p->p_cred, KAUTH_MACHDEP_X86,
-	    KAUTH_REQ_MACHDEP_X86_IOPERM, NULL, NULL, NULL))
+	if (kauth_authorize_system(p->p_cred, KAUTH_SYSTEM_RAWIO,
+	    KAUTH_REQ_SYSTEM_RAWIO_MEMORY, KAUTH_REQ_SYSTEM_RAWIO_RW,
+	    NULL, NULL, NULL))
 		return EPERM;
 
 	if ((error = copyin(args, &ua, sizeof(ua))) != 0)
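Review bot: This call passes seven arguments, with three trailing `NULL`s after `KAUTH_REQ_SYSTEM_RAWIO_RW`, while the other three converted calls in the patch pass six. One `NULL` looks left over from the removed line, so the last line of the call should read `NULL, NULL))`. Because this is the check that gates ioperm on amd64, it is worth compiling this port before commit rather than relying on the i386 build. The enclosing function starts and ends outside the hunk.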
Index: i386/i386/sys_machdep.c
===================================================================
RCS file: /cvsroot/src/sys/arch/i386/i386/sys_machdep.c,v
retrieving revision 1.77
diff -u -r1.77 sys_machdep.c
--- i386/i386/sys_machdep.c	12 Oct 2006 01:30:43 -0000	1.77
+++ i386/i386/sys_machdep.c	9 Nov 2006 04:20:43 -0000
@@ -351,9 +351,9 @@
 	struct trapframe *tf = l->l_md.md_regs;
 	struct i386_iopl_args ua;
 
-	if ((error = kauth_authorize_machdep(l->l_cred,
-	    KAUTH_MACHDEP_X86, KAUTH_REQ_MACHDEP_X86_IOPL,
-	    NULL, NULL, NULL)) != 0)
+	if ((error = kauth_authorize_system(l->l_cred,
+	    KAUTH_SYSTEM_RAWIO, KAUTH_REQ_SYSTEM_RAWIO_MEMORY,
+	    KAUTH_REQ_SYSTEM_RAWIO_RW, NULL, NULL)) != 0)
 		return error;
 
 	if ((error = copyin(args, &ua, sizeof(ua))) != 0)
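Review bot: After this change the check guarding the iopl path no longer mentions IOPL, so a reader sees a raw-memory read/write request with no stated reason. A one-line comment above the call would record the rationale given in the mail: `/* iopl access must be assumed to be access to raw memory */`. The commit message should probably also say that a security model can no longer tell iopl and ioperm apart from other raw-memory requests, since all four call sites now issue the same request. The same comment fits the ioperm hunk below and both amd64 hunks; the function body continues outside the hunk.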
@@ -387,9 +387,9 @@
 	struct pcb *pcb = &l->l_addr->u_pcb;
 	struct i386_set_ioperm_args ua;
 
-	if ((error = kauth_authorize_machdep(l->l_cred,
-	    KAUTH_MACHDEP_X86, KAUTH_REQ_MACHDEP_X86_IOPERM,
-	    NULL, NULL, NULL)) != 0)
+	if ((error = kauth_authorize_system(l->l_cred,
+	    KAUTH_SYSTEM_RAWIO, KAUTH_REQ_SYSTEM_RAWIO_MEMORY,
+	    KAUTH_REQ_SYSTEM_RAWIO_RW, NULL, NULL)) != 0)
 		return error;
 
 	if ((error = copyin(args, &ua, sizeof(ua))) != 0)