svn commit: r349610 - head/usr.bin/proccontrol
Konstantin Belousov
kib at FreeBSD.org
Tue Jul 2 19:12:03 UTC 2019
Author: kib
Date: Tue Jul 2 19:12:02 2019
New Revision: 349610
URL: https://svnweb.freebsd.org/changeset/base/349610
Log:
Add implicit PROT_MAX() knob to proccontrol(1).
Reviewed by: emaste, markj (previous version)
Discussed with: brooks
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D20795
Modified:
head/usr.bin/proccontrol/proccontrol.1
head/usr.bin/proccontrol/proccontrol.c
Modified: head/usr.bin/proccontrol/proccontrol.1
==============================================================================
--- head/usr.bin/proccontrol/proccontrol.1 Tue Jul 2 19:07:17 2019 (r349609)
+++ head/usr.bin/proccontrol/proccontrol.1 Tue Jul 2 19:12:02 2019 (r349610)
@@ -66,6 +66,9 @@ Note that process is only allowed to enable tracing fo
not for any other process.
.It Ar trapcap
Controls the signalling of capability mode access violations.
+.It Ar protmax
+Controls the implicit PROT_MAX application for
+.Xr mmap 2 .
.It Ar kpti
Controls the KPTI enable, AMD64 only.
.El
Modified: head/usr.bin/proccontrol/proccontrol.c
==============================================================================
--- head/usr.bin/proccontrol/proccontrol.c Tue Jul 2 19:07:17 2019 (r349609)
+++ head/usr.bin/proccontrol/proccontrol.c Tue Jul 2 19:12:02 2019 (r349610)
@@ -43,6 +43,7 @@ enum {
MODE_INVALID,
MODE_TRACE,
MODE_TRAPCAP,
+ MODE_PROTMAX,
#ifdef PROC_KPTI_CTL
MODE_KPTI,
#endif
@@ -72,7 +73,7 @@ static void __dead2
usage(void)
{
- fprintf(stderr, "Usage: proccontrol -m (aslr|trace|trapcap"
+ fprintf(stderr, "Usage: proccontrol -m (aslr|protmax|trace|trapcap"
KPTI_USAGE") [-q] "
"[-s (enable|disable)] [-p pid | command]\n");
exit(1);
@@ -94,6 +95,8 @@ main(int argc, char *argv[])
case 'm':
if (strcmp(optarg, "aslr") == 0)
mode = MODE_ASLR;
+ else if (strcmp(optarg, "protmax") == 0)
+ mode = MODE_PROTMAX;
else if (strcmp(optarg, "trace") == 0)
mode = MODE_TRACE;
else if (strcmp(optarg, "trapcap") == 0)
@@ -147,6 +150,9 @@ main(int argc, char *argv[])
case MODE_TRAPCAP:
error = procctl(P_PID, pid, PROC_TRAPCAP_STATUS, &arg);
break;
+ case MODE_PROTMAX:
+ error = procctl(P_PID, pid, PROC_PROTMAX_STATUS, &arg);
+ break;
#ifdef PROC_KPTI_CTL
case MODE_KPTI:
error = procctl(P_PID, pid, PROC_KPTI_STATUS, &arg);
@@ -194,6 +200,23 @@ main(int argc, char *argv[])
break;
}
break;
+ case MODE_PROTMAX:
+ switch (arg & ~PROC_PROTMAX_ACTIVE) {
+ case PROC_PROTMAX_FORCE_ENABLE:
+ printf("force enabled");
+ break;
+ case PROC_PROTMAX_FORCE_DISABLE:
+ printf("force disabled");
+ break;
+ case PROC_PROTMAX_NOFORCE:
+ printf("not forced");
+ break;
+ }
+ if ((arg & PROC_PROTMAX_ACTIVE) != 0)
+ printf(", active\n");
+ else
+ printf(", not active\n");
+ break;
#ifdef PROC_KPTI_CTL
case MODE_KPTI:
switch (arg & ~PROC_KPTI_STATUS_ACTIVE) {
@@ -227,6 +250,11 @@ main(int argc, char *argv[])
arg = enable ? PROC_TRAPCAP_CTL_ENABLE :
PROC_TRAPCAP_CTL_DISABLE;
error = procctl(P_PID, pid, PROC_TRAPCAP_CTL, &arg);
+ break;
+ case MODE_PROTMAX:
+ arg = enable ? PROC_PROTMAX_FORCE_ENABLE :
+ PROC_PROTMAX_FORCE_DISABLE;
+ error = procctl(P_PID, pid, PROC_PROTMAX_CTL, &arg);
break;
#ifdef PROC_KPTI_CTL
case MODE_KPTI:
More information about the svn-src-head
mailing list