Mercurial Mercurial > upstream > oracle > userland-gate / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/trousers/patches/tspi_tsp_policy.c.patch
author Lijo George - Oracle Corporation - Bangalore India <lijo.x.george@oracle.com>
Tue, 15 Jan 2013 02:16:22 -0800
changeset 1121 d7ac717f665d
parent 791 4b6378a2fe0a
permissions -rw-r--r--
15774567 SUNBT7147779 net-snmp does not show all ifTable values for vlan interfaces
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
791
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
     1
 
--- src/tspi/tsp_policy.c	2010-05-01 19:39:11.000000000 -0700
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
     2
 
+++ src/tspi/tsp_policy.c	2012-04-20 18:10:16.757128000 -0700
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
     3
 
@@ -86,15 +86,13 @@
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
     4
 
 int
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
     5
 
 pin_mem(void *addr, size_t len)
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
     6
 
 {
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
     7
 
-	/* only root can lock pages into RAM */
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
     8
 
-	if (getuid() != (uid_t)0) {
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
     9
 
-		LogWarn("Not pinning secrets in memory due to insufficient perms.");
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    10
 
-		return 0;
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    11
 
-	}
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    12
 
-
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    13
 
 	len += (uintptr_t)addr & PGOFFSET;
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    14
 
 	addr = (void *)((uintptr_t)addr & PGMASK);
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    15
 
 	if (mlock(addr, len) == -1) {
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    16
 
+		if (errno == EPERM) {
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    17
 
+			LogWarn("Not pinning secrets in memory due to insufficient perms.");
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    18
 
+			return 0;
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    19
 
+		}
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    20
 
 		LogError("mlock: %s", strerror(errno));
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    21
 
 		return 1;
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    22
 
 	}
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    23
 
@@ -105,14 +103,12 @@
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    24
 
 int
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    25
 
 unpin_mem(void *addr, size_t len)
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    26
 
 {
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    27
 
-	/* only root can lock pages into RAM */
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    28
 
-	if (getuid() != (uid_t)0) {
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    29
 
-		return 0;
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    30
 
-	}
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    31
 
-
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    32
 
 	len += (uintptr_t)addr & PGOFFSET;
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    33
 
 	addr = (void *)((uintptr_t)addr & PGMASK);
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    34
 
 	if (munlock(addr, len) == -1) {
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    35
 
+		if (errno == EPERM) {
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    36
 
+			return 0;
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    37
 
+		}
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    38
 
 		LogError("mlock: %s", strerror(errno));
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    39
 
 		return 1;
4b6378a2fe0a 6896514 tss code doesn't do correct privilege check when using mlock
Dan Anderson <dan.anderson@oracle.com>
parents:
diff changeset 
    40
 
 	}
upstream/oracle/userland-gate