Date: Tue, 28 May 2002 08:54:20 +0000 From: Dima Dorfman <dima@trit.org> To: audit@freebsd.org Subject: VT_LOCKSWITCH Message-ID: <20020528085420.348AC3E5E@turbine.trit.org>
next in thread | raw e-mail | index | archive | help
The attached patch adds an -S option to vidcontrol(1) that allows the
user to disallow vty switching. It is implemented using a new
VT_LOCKSWITCH ioctl. Although it is possible to implement something
like this by VT_SETMODEing to VT_PROCESS and never releasing the vty,
that method has a number of downsides, the biggest of which is that
some program has to stay resident for the lock to be in effect.
Please review.
Thanks.
P.S.: This patch makes the usage output pretty ugly; I'll fix that in
a separate commit (I don't want to put unrelated, cosmetic stuff in
this diff).
Index: sys/sys/consio.h
===================================================================
RCS file: /ref/cvsf/src/sys/sys/consio.h,v
retrieving revision 1.14
diff -u -r1.14 consio.h
--- sys/sys/consio.h 16 May 2002 10:57:10 -0000 1.14
+++ sys/sys/consio.h 27 May 2002 23:09:46 -0000
@@ -335,6 +335,9 @@
/* get the index of the vty */
#define VT_GETINDEX _IOR('v', 8, int)
+/* prevent switching vtys */
+#define VT_LOCKSWITCH _IOW('v', 9, int)
+
/*
* Video mode switching ioctl. See sys/fbio.h for mode numbers.
*/
Index: sys/dev/syscons/syscons.c
===================================================================
RCS file: /ref/cvsf/src/sys/dev/syscons/syscons.c,v
retrieving revision 1.384
diff -u -r1.384 syscons.c
--- sys/dev/syscons/syscons.c 4 May 2002 15:42:38 -0000 1.384
+++ sys/dev/syscons/syscons.c 27 May 2002 23:15:36 -0000
@@ -981,6 +981,13 @@
*(int *)data = scp->index + 1;
return 0;
+ case VT_LOCKSWITCH: /* prevent vty switching */
+ if ((*(int *)data) & 0x01)
+ sc->flags |= SC_SCRN_VTYLOCK;
+ else
+ sc->flags &= ~SC_SCRN_VTYLOCK;
+ return 0;
+
case KDENABIO: /* allow io operations */
error = suser(td);
if (error != 0)
@@ -2074,6 +2081,13 @@
int s;
DPRINTF(5, ("sc0: sc_switch_scr() %d ", next_scr + 1));
+
+ /* prevent switch if previously requested */
+ if (sc->flags & SC_SCRN_VTYLOCK) {
+ sc_bell(sc->cur_scp, sc->cur_scp->bell_pitch,
+ sc->cur_scp->bell_duration);
+ return EPERM;
+ }
/* delay switch if the screen is blanked or being updated */
if ((sc->flags & SC_SCRN_BLANKED) || sc->write_in_progress
Index: sys/dev/syscons/syscons.h
===================================================================
RCS file: /ref/cvsf/src/sys/dev/syscons/syscons.h,v
retrieving revision 1.74
diff -u -r1.74 syscons.h
--- sys/dev/syscons/syscons.h 13 Apr 2002 22:34:16 -0000 1.74
+++ sys/dev/syscons/syscons.h 27 May 2002 23:14:16 -0000
@@ -194,6 +194,7 @@
#define SC_SCRN_IDLE (1 << 5)
#define SC_SCRN_BLANKED (1 << 6)
#define SC_SAVER_FAILED (1 << 7)
+#define SC_SCRN_VTYLOCK (1 << 8)
#define SC_INIT_DONE (1 << 16)
#define SC_SPLASH_SCRN (1 << 17)
Index: usr.sbin/vidcontrol/vidcontrol.1
===================================================================
RCS file: /ref/cvsf/src/usr.sbin/vidcontrol/vidcontrol.1,v
retrieving revision 1.51
diff -u -r1.51 vidcontrol.1
--- usr.sbin/vidcontrol/vidcontrol.1 20 Apr 2002 12:27:15 -0000 1.51
+++ usr.sbin/vidcontrol/vidcontrol.1 27 May 2002 23:35:06 -0000
@@ -13,7 +13,7 @@
.\" @(#)vidcontrol.1
.\" $FreeBSD$
.\"
-.Dd May 27, 2001
+.Dd May 27, 2002
.Dt VIDCONTROL 1
.Os
.Sh NAME
@@ -36,6 +36,7 @@
.Op Fl M Ar char
.Op Fl m Cm on | off
.Op Fl r Ar foreground Ar background
+.Op Fl S Cm on | off
.Op Fl s Ar number
.Op Fl t Ar N | Cm off
.Op Ar mode
@@ -213,6 +214,11 @@
.Ar foreground
and
.Ar background .
+.It Fl S Cm on | off
+Turn vty switching on or off.
+When vty switching is off,
+attempts to switch to a different virtual terminal will fail.
+(The default is to permit vty switching.)
.It Fl s Ar number
Set the current vty to
.Ar number .
Index: usr.sbin/vidcontrol/vidcontrol.c
===================================================================
RCS file: /ref/cvsf/src/usr.sbin/vidcontrol/vidcontrol.c,v
retrieving revision 1.41
diff -u -r1.41 vidcontrol.c
--- usr.sbin/vidcontrol/vidcontrol.c 16 Mar 2002 23:35:51 -0000 1.41
+++ usr.sbin/vidcontrol/vidcontrol.c 27 May 2002 23:38:02 -0000
@@ -76,7 +76,7 @@
"usage: vidcontrol [-CdLPpx] [-b color] [-c appearance] [-f [size] file]",
" [-g geometry] [-h size] [-i adapter | mode] [-l screen_map]",
" [-m on | off] [-M char] [-r foreground background] [-s num]",
-" [-t N | off] [mode] [foreground [background]] [show]");
+" [-S on | off] [-t N | off] [mode] [foreground [background]] [show]");
exit(1);
}
@@ -518,6 +518,23 @@
ioctl(0, CONS_MOUSECTL, &mouse);
}
+void
+set_lockswitch(char *arg)
+{
+ int data;
+
+ if (!strcmp(arg, "off"))
+ data = 0x01;
+ else if (!strcmp(arg, "on"))
+ data = 0x02;
+ else {
+ warnx("argument to -S must either on or off");
+ return;
+ }
+ if (ioctl(0, VT_LOCKSWITCH, &data) == -1)
+ warn("ioctl(VT_LOCKSWITCH)");
+}
+
static char
*adapter_name(int type)
{
@@ -749,7 +766,7 @@
/* Not reached */
if (ioctl(0, CONS_GETINFO, &info) < 0)
err(1, "must be on a virtual console");
- while((opt = getopt(argc, argv, "b:Cc:df:g:h:i:l:LM:m:pPr:s:t:x")) != -1)
+ while((opt = getopt(argc, argv, "b:Cc:df:g:h:i:l:LM:m:pPr:S:s:t:x")) != -1)
switch(opt) {
case 'b':
set_border_color(optarg);
@@ -805,6 +822,9 @@
break;
case 'r':
set_reverse_colors(argc, argv, &optind);
+ break;
+ case 'S':
+ set_lockswitch(optarg);
break;
case 's':
set_console(optarg);
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020528085420.348AC3E5E>