diff options
| author | David Chisnall <theraven@FreeBSD.org> | 2021-07-10 16:19:52 +0000 |
|---|---|---|
| committer | David Chisnall <theraven@FreeBSD.org> | 2021-07-10 16:19:52 +0000 |
| commit | 3a522ba1bc852c3d4660a4fa32e4a94999d09a47 (patch) | |
| tree | bc54f3286f7e98b8903873c8e3ece1bb8c3374b1 /sys/amd64/include | |
| parent | 476ef25d321c4eb9fffe91265a03960983332bc2 (diff) | |
| download | src-3a522ba1bc852c3d4660a4fa32e4a94999d09a47.tar.gz src-3a522ba1bc852c3d4660a4fa32e4a94999d09a47.zip | |
Pass the syscall number to capsicum permission-denied signals
The syscall number is stored in the same register as the syscall return
on amd64 (and possibly other architectures) and so it is impossible to
recover in the signal handler after the call has returned. This small
tweak delivers it in the `si_value` field of the signal, which is
sufficient to catch capability violations and emulate them with a call
to a more-privileged process in the signal handler.
Approved by: markj (mentor)
Reviewed by: kib, bcr (manpages)
Differential Revision: https://reviews.freebsd.org/D29185
Diffstat (limited to 'sys/amd64/include')
| -rw-r--r-- | sys/amd64/include/proc.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/sys/amd64/include/proc.h b/sys/amd64/include/proc.h index 59796e729ac4..0f8cf50e326d 100644 --- a/sys/amd64/include/proc.h +++ b/sys/amd64/include/proc.h @@ -92,6 +92,7 @@ struct mdproc { struct syscall_args { u_int code; + u_int original_code; struct sysent *callp; register_t args[8]; }; |