From: Mikolaj Golub
Date: Mon, 5 Dec 2011 19:34:03 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: svn commit: r228288 - head/sys/kern

Author: trociny
Date: Mon Dec 5 19:34:02 2011
New Revision: 228288
URL: http://svn.freebsd.org/changeset/base/228288

Log:
  Protect kern.proc.auxv and kern.proc.ps_strings sysctls with p_candebug().

  Citing jilles:

  If we are ever going to do ASLR, the AUXV information tells an attacker where the stack, executable and RTLD are located, which defeats much of the point of randomizing the addresses in the first place. Given that the AUXV information seems to be used by debuggers only anyway, I think it would be good to move it to p_candebug() now. The full virtual memory maps (KERN_PROC_VMMAP, procstat -v) are already under p_candebug().

  Suggested by: jilles
  Discussed with: rwatson
  MFC after: 1 week

Modified:
  head/sys/kern/kern_proc.c

Modified: head/sys/kern/kern_proc.c ============================================================================== --- head/sys/kern/kern_proc.c Mon Dec 5 18:29:25 2011 (r228287) +++ head/sys/kern/kern_proc.c Mon Dec 5 19:34:02 2011 (r228288) @@ -1782,7 +1782,8 @@ sysctl_kern_proc_auxv(SYSCTL_HANDLER_ARG PROC_UNLOCK(p); return (ESRCH); } - if ((error = p_cansee(curthread, p)) != 0) { + error = p_candebug(curthread, p); + if (error != 0) { PROC_UNLOCK(p); return (error); } 
@@ -2456,7 +2457,8 @@ sysctl_kern_proc_ps_strings(SYSCTL_HANDL p = pfind((pid_t)name[0]); if (p == NULL) return (ESRCH); - if ((error = p_cansee(curthread, p)) != 0) { + error = p_cansee(curthread, p); + if (error != 0) { PROC_UNLOCK(p); return (error); }
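Review bot: In the second hunk (sysctl_kern_proc_ps_strings, @@ -2456,7 +2457,8 @@) the added line still reads "error = p_cansee(curthread, p);", so the access check for kern.proc.ps_strings is unchanged and only the assignment has been moved out of the if condition. The log message says both sysctls are to be protected with p_candebug(), and the first hunk (sysctl_kern_proc_auxv) does make that switch. The added line here should be "error = p_candebug(curthread, p);" to match the log and the auxv handler; as committed, a caller that passes p_cansee() can still read ps_strings for a process it is not allowed to debug.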