diff options
| author | Jake Freeland <jfree@FreeBSD.org> | 2024-04-06 18:31:18 +0000 |
|---|---|---|
| committer | Jake Freeland <jfree@FreeBSD.org> | 2024-04-07 23:52:51 +0000 |
| commit | 05296a0ff615566d25c77c5e6619b08724d2eecb (patch) | |
| tree | 6b3e099db22c0f46ec5c65def7743d284839603d /sys/arm | |
| parent | 96c8b3e509882e5a51a5ae58d366b812be4d2773 (diff) | |
| download | src-05296a0ff615566d25c77c5e6619b08724d2eecb.tar.gz src-05296a0ff615566d25c77c5e6619b08724d2eecb.zip | |
ktrace: Record syscall violations with KTR_CAPFAIL
Report syscalls that are not allowed in capability mode with
CAPFAIL_SYSCALL.
Reviewed by: markj
Approved by: markj (mentor)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D40678
Diffstat (limited to 'sys/arm')
| -rw-r--r-- | sys/arm/arm/sys_machdep.c | 27 |
1 files changed, 12 insertions, 15 deletions
diff --git a/sys/arm/arm/sys_machdep.c b/sys/arm/arm/sys_machdep.c index bf738ed77a67..50cdc4158517 100644 --- a/sys/arm/arm/sys_machdep.c +++ b/sys/arm/arm/sys_machdep.c @@ -175,22 +175,19 @@ sysarch(struct thread *td, struct sysarch_args *uap) * explicitly indicate whether or not the operation is safe to * perform in capability mode. */ - if (IN_CAPABILITY_MODE(td)) { - switch (uap->op) { - case ARM_SYNC_ICACHE: - case ARM_DRAIN_WRITEBUF: - case ARM_SET_TP: - case ARM_GET_TP: - case ARM_GET_VFPSTATE: - break; - - default: -#ifdef KTRACE - if (KTRPOINT(td, KTR_CAPFAIL)) - ktrcapfail(CAPFAIL_SYSCALL, NULL, NULL); -#endif + switch (uap->op) { + case ARM_SYNC_ICACHE: + case ARM_DRAIN_WRITEBUF: + case ARM_SET_TP: + case ARM_GET_TP: + case ARM_GET_VFPSTATE: + break; + + default: + if (CAP_TRACING(td)) + ktrcapfail(CAPFAIL_SYSCALL, &uap->op); + if (IN_CAPABILITY_MODE(td)) return (ECAPMODE); - } } #endif |