svn commit: r345229 - head/usr.bin/proccontrol

Konstantin Belousov kib at FreeBSD.org
Sat Mar 16 11:46:49 UTC 2019 

Author: kib
Date: Sat Mar 16 11:46:48 2019
New Revision: 345229
URL: https://svnweb.freebsd.org/changeset/base/345229

Log:
  proccontrol(1): Add kpti control mode.
  
  Requested by:	jhb
  Reviewed by:	jhb, markj (previous version)
  Tested by:	pho
  Sponsored by:	The FreeBSD Foundation
  MFC after:	1 week
  Differential revision:	https://reviews.freebsd.org/D19514

Modified:
  head/usr.bin/proccontrol/proccontrol.c

Modified: head/usr.bin/proccontrol/proccontrol.c
==============================================================================
--- head/usr.bin/proccontrol/proccontrol.c	Sat Mar 16 11:44:33 2019	(r345228)
+++ head/usr.bin/proccontrol/proccontrol.c	Sat Mar 16 11:46:48 2019	(r345229)
@@ -43,6 +43,9 @@ enum {
 	MODE_INVALID,
 	MODE_TRACE,
 	MODE_TRAPCAP,
+#ifdef PROC_KPTI_CTL
+	MODE_KPTI,
+#endif
 };
 
 static pid_t
@@ -59,11 +62,18 @@ str2pid(const char *str)
 	return (res);
 }
 
+#ifdef PROC_KPTI_CTL
+#define	KPTI_USAGE "|kpti"
+#else
+#define	KPTI_USAGE
+#endif
+
 static void __dead2
 usage(void)
 {
 
-	fprintf(stderr, "Usage: proccontrol -m (aslr|trace|trapcap) [-q] "
+	fprintf(stderr, "Usage: proccontrol -m (aslr|trace|trapcap"
+	    KPTI_USAGE") [-q] "
 	    "[-s (enable|disable)] [-p pid | command]\n");
 	exit(1);
 }
@@ -88,6 +98,10 @@ main(int argc, char *argv[])
 				mode = MODE_TRACE;
 			else if (strcmp(optarg, "trapcap") == 0)
 				mode = MODE_TRAPCAP;
+#ifdef PROC_KPTI_CTL
+			else if (strcmp(optarg, "kpti") == 0)
+				mode = MODE_KPTI;
+#endif
 			else
 				usage();
 			break;
@@ -133,6 +147,11 @@ main(int argc, char *argv[])
 		case MODE_TRAPCAP:
 			error = procctl(P_PID, pid, PROC_TRAPCAP_STATUS, &arg);
 			break;
+#ifdef PROC_KPTI_CTL
+		case MODE_KPTI:
+			error = procctl(P_PID, pid, PROC_KPTI_STATUS, &arg);
+			break;
+#endif
 		default:
 			usage();
 			break;
@@ -175,6 +194,22 @@ main(int argc, char *argv[])
 				break;
 			}
 			break;
+#ifdef PROC_KPTI_CTL
+		case MODE_KPTI:
+			switch (arg & ~PROC_KPTI_STATUS_ACTIVE) {
+			case PROC_KPTI_CTL_ENABLE_ON_EXEC:
+				printf("enabled");
+				break;
+			case PROC_KPTI_CTL_DISABLE_ON_EXEC:
+				printf("disabled");
+				break;
+			}
+			if ((arg & PROC_KPTI_STATUS_ACTIVE) != 0)
+				printf(", active\n");
+			else
+				printf(", not active\n");
+			break;
+#endif
 		}
 	} else {
 		switch (mode) {
@@ -193,6 +228,13 @@ main(int argc, char *argv[])
 			    PROC_TRAPCAP_CTL_DISABLE;
 			error = procctl(P_PID, pid, PROC_TRAPCAP_CTL, &arg);
 			break;
+#ifdef PROC_KPTI_CTL
+		case MODE_KPTI:
+			arg = enable ? PROC_KPTI_CTL_ENABLE_ON_EXEC :
+			    PROC_KPTI_CTL_DISABLE_ON_EXEC;
+			error = procctl(P_PID, pid, PROC_KPTI_CTL, &arg);
+			break;
+#endif
 		default:
 			usage();
 			break;

More information about the svn-src-head mailing list