1 | // SPDX-License-Identifier: GPL-2.0-only |
2 | |
3 | #include <stdbool.h> |
4 | #include <stdlib.h> |
5 | #include <error.h> |
6 | #include <stdio.h> |
7 | #include <string.h> |
8 | #include <unistd.h> |
9 | #include <fcntl.h> |
10 | |
11 | #include "unpriv_helpers.h" |
12 | |
13 | static bool get_mitigations_off(void) |
14 | { |
15 | char cmdline[4096], *c; |
16 | int fd, ret = false; |
17 | |
18 | fd = open("/proc/cmdline" , O_RDONLY); |
19 | if (fd < 0) { |
20 | perror("open /proc/cmdline" ); |
21 | return false; |
22 | } |
23 | |
24 | if (read(fd, cmdline, sizeof(cmdline) - 1) < 0) { |
25 | perror("read /proc/cmdline" ); |
26 | goto out; |
27 | } |
28 | |
29 | cmdline[sizeof(cmdline) - 1] = '\0'; |
30 | for (c = strtok(cmdline, " \n" ); c; c = strtok(NULL, " \n" )) { |
31 | if (strncmp(c, "mitigations=off" , strlen(c))) |
32 | continue; |
33 | ret = true; |
34 | break; |
35 | } |
36 | out: |
37 | close(fd); |
38 | return ret; |
39 | } |
40 | |
41 | bool get_unpriv_disabled(void) |
42 | { |
43 | bool disabled; |
44 | char buf[2]; |
45 | FILE *fd; |
46 | |
47 | fd = fopen("/proc/sys/" UNPRIV_SYSCTL, "r" ); |
48 | if (fd) { |
49 | disabled = (fgets(buf, 2, fd) == buf && atoi(buf)); |
50 | fclose(fd); |
51 | } else { |
52 | perror("fopen /proc/sys/" UNPRIV_SYSCTL); |
53 | disabled = true; |
54 | } |
55 | |
56 | return disabled ? true : get_mitigations_off(); |
57 | } |
58 | |