Introduce KAUTH_REQ_MACHDEP_{ALPHA,X86}_UNMANAGEDMEM to handle access

to unmanaged memory.

These are the last two securelevel references in the MD code.

share/examples/secmodel/secmodel_example.c

@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_example.c,v 1.6 2006/11/04 09:37:54 elad Exp $ */
+/* $NetBSD: secmodel_example.c,v 1.7 2006/11/22 12:12:51 elad Exp $ */
 
 /*
  * This file is placed in the public domain.
@@ -13,7 +13,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_example.c,v 1.6 2006/11/04 09:37:54 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_example.c,v 1.7 2006/11/22 12:12:51 elad Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -340,11 +340,19 @@ secmodel_example_machdep_cb(kauth_cred_t cred, kauth_action_t action,
         result = KAUTH_RESULT_DENY;
 
         switch (action) {
+	case KAUTH_MACHDEP_ALPHA:
+		switch ((u_long)arg0) {
+		case KAUTH_REQ_MACHDEP_ALPHA_UNMANAGEDMEM:
+		default:
+			result = KAUTH_RESULT_DEFER;
+			break;
+		}
         case KAUTH_MACHDEP_X86:
                 switch ((u_long)arg0) {
                 case KAUTH_REQ_MACHDEP_X86_IOPL:
                 case KAUTH_REQ_MACHDEP_X86_IOPERM:
                 case KAUTH_REQ_MACHDEP_X86_MTRR_SET:
+		case KAUTH_REQ_MACHDEP_X86_UNMANAGEDMEM:
                 default:
                         result = KAUTH_RESULT_DEFER;
                         break;

share/man/man9/kauth.9

@@ -1,4 +1,4 @@
-.\" $NetBSD: kauth.9,v 1.34 2006/11/19 00:11:30 elad Exp $
+.\" $NetBSD: kauth.9,v 1.35 2006/11/22 12:12:51 elad Exp $
 .\"
 .\" Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org>
 .\" All rights reserved.
@@ -28,7 +28,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd November 19, 2006
+.Dd November 22, 2006
 .Dt KAUTH 9
 .Os
 .Sh NAME
@@ -446,11 +446,21 @@ In this scope,
 always indicates the machine for the request.
 Below is the list of available request hierarchy.
 .Bl -tag
+.It Dv KAUTH_MACHDEP_ALPHA
+The request is alpha specific.
+.Pp
+Available requests as
+.Ar req
+are:
+.Bl -tag
+.It Dv KAUTH_REQ_MACHDEP_ALPHA_UNMANAGEDMEM
+Access to unmanaged memory requested.
+.El
 .It Dv KAUTH_MACHDEP_X86
 The request is x86 specific.
 .Pp
 Available requests as
-.Ar arg1
+.Ar req
 are:
 .Bl -tag
 .It Dv KAUTH_REQ_MACHDEP_X86_IOPL
@@ -459,6 +469,8 @@ Checks if IOPL is allowed to be modified.
 Checks if IOPERM is allowed to be modified.
 .It Dv KAUTH_REQ_MACHDEP_X86_MTRR_SET
 Checks if the MTRR can be set.
+.It Dv KAUTH_REQ_MACHDEP_X86_UNMANAGEDMEM
+Access to unmanaged memory requested.
 .El
 .It Dv KAUTH_MACHDEP_X86_64
 The request is x86-64 specific.

sys/arch/alpha/alpha/machdep.c

@@ -1,4 +1,4 @@
-/* $NetBSD: machdep.c,v 1.289 2006/10/21 05:54:31 mrg Exp $ */
+/* $NetBSD: machdep.c,v 1.290 2006/11/22 12:12:51 elad Exp $ */
 
 /*-
  * Copyright (c) 1998, 1999, 2000 The NetBSD Foundation, Inc.
@@ -75,7 +75,7 @@
 
 #include <sys/cdefs.h>			/* RCS ID & Copyright macro defns */
 
-__KERNEL_RCSID(0, "$NetBSD: machdep.c,v 1.289 2006/10/21 05:54:31 mrg Exp $");
+__KERNEL_RCSID(0, "$NetBSD: machdep.c,v 1.290 2006/11/22 12:12:51 elad Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -104,6 +104,7 @@ __KERNEL_RCSID(0, "$NetBSD: machdep.c,v 1.289 2006/10/21 05:54:31 mrg Exp $");
 #include <sys/ucontext.h>
 #include <sys/conf.h>
 #include <sys/ksyms.h>
+#include <sys/kauth.h>
 #include <machine/kcore.h>
 #include <machine/fpu.h>
 
@@ -1891,7 +1892,8 @@ alpha_pa_access(pa)
 	 * Address is not a memory address.  If we're secure, disallow
 	 * access.  Otherwise, grant read/write.
 	 */
-	if (securelevel > 0)
+	if (kauth_authorize_machdep(kauth_cred_get(), KAUTH_MACHDEP_ALPHA,
+	    KAUTH_REQ_MACHDEP_ALPHA_UNMANAGEDMEM, NULL, NULL, NULL) != 0)
 		return (PROT_NONE);
 	else
 		return (PROT_READ | PROT_WRITE);

sys/arch/x86/x86/x86_machdep.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: x86_machdep.c,v 1.3 2006/11/16 01:32:39 christos Exp $	*/
+/*	$NetBSD: x86_machdep.c,v 1.4 2006/11/22 12:12:51 elad Exp $	*/
 
 /*-
  * Copyright (c) 2005 The NetBSD Foundation, Inc.
@@ -37,13 +37,14 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: x86_machdep.c,v 1.3 2006/11/16 01:32:39 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: x86_machdep.c,v 1.4 2006/11/22 12:12:51 elad Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/kcore.h>
 #include <sys/errno.h>
+#include <sys/kauth.h>
 
 #include <machine/bootinfo.h>
 #include <machine/vmparam.h>
@@ -98,7 +99,8 @@ check_pa_acc(paddr_t pa, vm_prot_t prot)
 	extern int mem_cluster_cnt;
 	int i;
 
-	if (securelevel <= 0) {
+	if (kauth_authorize_machdep(kauth_cred_get(), KAUTH_MACHDEP_X86,
+	    KAUTH_REQ_MACHDEP_X86_UNMANAGEDMEM, NULL, NULL, NULL) == 0) {
 		return 0;
 	}
 

sys/secmodel/bsd44/secmodel_bsd44_securelevel.c

@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_bsd44_securelevel.c,v 1.14 2006/11/16 01:33:51 christos Exp $ */
+/* $NetBSD: secmodel_bsd44_securelevel.c,v 1.15 2006/11/22 12:12:51 elad Exp $ */
 /*-
  * Copyright (c) 2006 Elad Efrat <elad@NetBSD.org>
  * All rights reserved.
@@ -38,7 +38,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_bsd44_securelevel.c,v 1.14 2006/11/16 01:33:51 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_bsd44_securelevel.c,v 1.15 2006/11/22 12:12:51 elad Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_insecure.h"
@@ -310,6 +310,17 @@ secmodel_bsd44_securelevel_machdep_cb(kauth_cred_t cred,
 	req = (enum kauth_machdep_req)arg0;
 
         switch (action) {
+	case KAUTH_MACHDEP_ALPHA:
+		switch (req) {
+		case KAUTH_REQ_MACHDEP_ALPHA_UNMANAGEDMEM:
+			if (securelevel < 0)
+				result = KAUTH_RESULT_ALLOW;
+			break;
+		default:
+			result = KAUTH_RESULT_DEFER;
+			break;
+		}
+		break;
 	case KAUTH_MACHDEP_X86:
 		switch (req) {
 		case KAUTH_REQ_MACHDEP_X86_IOPL:
@@ -317,6 +328,10 @@ secmodel_bsd44_securelevel_machdep_cb(kauth_cred_t cred,
 			if (securelevel < 2)
 				result = KAUTH_RESULT_ALLOW;
 			break;
+		case KAUTH_REQ_MACHDEP_X86_UNMANAGEDMEM:
+			if (securelevel < 0)
+				result = KAUTH_RESULT_ALLOW;
+			break;
 		default:
 			result = KAUTH_RESULT_DEFER;
 			break;

sys/sys/kauth.h

@@ -1,4 +1,4 @@
-/* $NetBSD: kauth.h,v 1.20 2006/11/19 00:11:30 elad Exp $ */
+/* $NetBSD: kauth.h,v 1.21 2006/11/22 12:12:51 elad Exp $ */
 
 /*-
  * Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org>  
@@ -178,7 +178,8 @@ enum kauth_network_req {
  * Machdep scope - actions.
  */
 enum {
-	KAUTH_MACHDEP_X86=1,
+	KAUTH_MACHDEP_ALPHA=1,
+	KAUTH_MACHDEP_X86,
 	KAUTH_MACHDEP_X86_64
 };
 
@@ -186,10 +187,12 @@ enum {
  * Machdep scope - sub-actions.
  */
 enum kauth_machdep_req {
-	KAUTH_REQ_MACHDEP_X86_64_MTRR_GET=1, /* ridiculous. */
+	KAUTH_REQ_MACHDEP_ALPHA_UNMANAGEDMEM=1,
+	KAUTH_REQ_MACHDEP_X86_64_MTRR_GET, /* ridiculous. */
 	KAUTH_REQ_MACHDEP_X86_IOPERM,
 	KAUTH_REQ_MACHDEP_X86_IOPL,
-	KAUTH_REQ_MACHDEP_X86_MTRR_SET
+	KAUTH_REQ_MACHDEP_X86_MTRR_SET,
+	KAUTH_REQ_MACHDEP_X86_UNMANAGEDMEM
 };
 
 /*