| 1 | // SPDX-License-Identifier: GPL-2.0-only |
|---|
| 2 | |
|---|
| 3 | #include <stdbool.h> |
|---|
| 4 | #include <stdlib.h> |
|---|
| 5 | #include <error.h> |
|---|
| 6 | #include <stdio.h> |
|---|
| 7 | #include <string.h> |
|---|
| 8 | #include <unistd.h> |
|---|
| 9 | #include <fcntl.h> |
|---|
| 10 | |
|---|
| 11 | #include "unpriv_helpers.h" |
|---|
| 12 | |
|---|
| 13 | static bool get_mitigations_off(void) |
|---|
| 14 | { |
|---|
| 15 | char cmdline[4096], *c; |
|---|
| 16 | int fd, ret = false; |
|---|
| 17 | |
|---|
| 18 | fd = open("/proc/cmdline" , O_RDONLY); |
|---|
| 19 | if (fd < 0) { |
|---|
| 20 | perror("open /proc/cmdline" ); |
|---|
| 21 | return false; |
|---|
| 22 | } |
|---|
| 23 | |
|---|
| 24 | if (read(fd, cmdline, sizeof(cmdline) - 1) < 0) { |
|---|
| 25 | perror("read /proc/cmdline" ); |
|---|
| 26 | goto out; |
|---|
| 27 | } |
|---|
| 28 | |
|---|
| 29 | cmdline[sizeof(cmdline) - 1] = '\0'; |
|---|
| 30 | for (c = strtok(cmdline, " \n" ); c; c = strtok(NULL, " \n" )) { |
|---|
| 31 | if (strncmp(c, "mitigations=off" , strlen(c))) |
|---|
| 32 | continue; |
|---|
| 33 | ret = true; |
|---|
| 34 | break; |
|---|
| 35 | } |
|---|
| 36 | out: |
|---|
| 37 | close(fd); |
|---|
| 38 | return ret; |
|---|
| 39 | } |
|---|
| 40 | |
|---|
| 41 | bool get_unpriv_disabled(void) |
|---|
| 42 | { |
|---|
| 43 | bool disabled; |
|---|
| 44 | char buf[2]; |
|---|
| 45 | FILE *fd; |
|---|
| 46 | |
|---|
| 47 | fd = fopen("/proc/sys/" UNPRIV_SYSCTL, "r" ); |
|---|
| 48 | if (fd) { |
|---|
| 49 | disabled = (fgets(buf, 2, fd) == buf && atoi(buf)); |
|---|
| 50 | fclose(fd); |
|---|
| 51 | } else { |
|---|
| 52 | perror("fopen /proc/sys/" UNPRIV_SYSCTL); |
|---|
| 53 | disabled = true; |
|---|
| 54 | } |
|---|
| 55 | |
|---|
| 56 | return disabled ? true : get_mitigations_off(); |
|---|
| 57 | } |
|---|
| 58 | |
|---|
