summaryrefslogtreecommitdiff
path: root/src/misc/xperm
diff options
context:
space:
mode:
Diffstat (limited to 'src/misc/xperm')
-rw-r--r--src/misc/xperm/consolexperm.cil145
-rw-r--r--src/misc/xperm/ttyxperm.cil139
-rw-r--r--src/misc/xperm/vtxperm.cil68
3 files changed, 352 insertions, 0 deletions
diff --git a/src/misc/xperm/consolexperm.cil b/src/misc/xperm/consolexperm.cil
new file mode 100644
index 0000000..9e52407
--- /dev/null
+++ b/src/misc/xperm/consolexperm.cil
@@ -0,0 +1,145 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(permissionx IOCTLCONSOLE
+ (ioctl chr_file (0x4b72 0x4b31 0x4b32 0x4b64 0x4b65 0x4b33 0x4b34
+ 0x4b35 0x4b36 0x4b37 0x4b3a 0x4b3b 0x4b30
+ 0x4b2f 0x4b70 0x4b71 0x4b60 0x4b6b 0x4b61
+ 0x4b6c 0x4b6d 0x4b40 0x4b69 0x4b41 0x4b6a
+ 0x4b66 0x4b67 0x4b68 0x4b44 0x4b45 0x4b62
+ 0x4b63 0x4b46 0x4b47 0x4b48 0x4b49 0x4b4a
+ 0x4b4c 0x4b4d 0x4b4e 0x541c 0x4bfa
+ 0x4bfb)))
+
+;; Font handling
+(permissionx KDFONTOP (ioctl chr_file (0x4b72)))
+
+;; Get state of LEDs
+(permissionx KDGETLED (ioctl chr_file (0x4b31)))
+
+;; Set the LEDs
+(permissionx KDSETLED (ioctl chr_file (0x4b32)))
+
+;; Get keyboard flags CapsLock, NumLock, ScrollLock (not lights)
+(permissionx KDGKBLED (ioctl chr_file (0x4b64)))
+
+;; Set keyboard flags CapsLock, NumLock, ScrollLock (not lights)
+(permissionx KDSKBLED (ioctl chr_file (0x4b65)))
+
+;; Get keyboard type
+(permissionx KDGKBTYPE (ioctl chr_file (0x4b33)))
+
+;; Add I/O port as valid
+(permissionx KDADDIO (ioctl chr_file (0x4b34)))
+
+;; Delete I/O port as valid
+(permissionx KDDELIO (ioctl chr_file (0x4b35)))
+
+;; Enable I/O to video board
+(permissionx KDENABIO (ioctl chr_file (0x4b36)))
+
+;; Disable I/O to video board
+(permissionx KDDISABIO (ioctl chr_file (0x4b37)))
+
+;; Set text/graphics mode
+(permissionx KDSETMODE (ioctl chr_file (0x4b3a)))
+
+;; Get text/graphics mode
+(permissionx KDGETMODE (ioctl chr_file (0x4b3b)))
+
+;; Generate tone of specified length
+(permissionx KDMKTONE (ioctl chr_file (0x4b30)))
+
+;; Start or stop sound generation
+(permissionx KIOCSOUND (ioctl chr_file (0x4b2f)))
+
+;; Get the current default color map from kernel
+(permissionx GIO_CMAP (ioctl chr_file (0x4b70)))
+
+;; Change the default text-mode color map
+(permissionx PIO_CMAP (ioctl chr_file (0x4b71)))
+
+;; Gets 256-character screen font in expanded form
+(permissionx GIO_FONT (ioctl chr_file (0x4b60)))
+
+;; Gets screen font and associated information
+(permissionx GIO_FONTX (ioctl chr_file (0x4b6b)))
+
+;; Sets 256-character screen font
+(permissionx PIO_FONT (ioctl chr_file (0x4b61)))
+
+;; Sets screen font and associated rendering information
+(permissionx PIO_FONTX (ioctl chr_file (0x4b6c)))
+
+;; Resets the screen font, size, and Unicode mapping to the bootup defaults
+(permissionx PIO_FONTRESET (ioctl chr_file (0x4b6d)))
+
+;; Get screen mapping from kernel
+(permissionx GIO_SCRNMAP (ioctl chr_file (0x4b40)))
+
+;; Get full Unicode screen mapping from kernel
+(permissionx GIO_UNISCRNMAP (ioctl chr_file (0x4b69)))
+
+;; Loads the "user definable" (fourth) table in the kernel which maps bytes
+;; into console screen symbols
+(permissionx PIO_SCRNMAP (ioctl chr_file (0x4b41)))
+
+;; Loads the "user definable" (fourth) table in the kernel which maps bytes
+;; into Unicodes, which are then translated into screen symbols according to
+;; the currently loaded Unicode-to-font map
+(permissionx PIO_UNISCRNMAP (ioctl chr_file (0x4b6a)))
+
+;; Get Unicode-to-font mapping from kernel
+(permissionx GIO_UNIMAP (ioctl chr_file (0x4b66)))
+
+;; Put unicode-to-font mapping in kernel
+(permissionx PIO_UNIMAP (ioctl chr_file (0x4b67)))
+
+;; Clear table, possibly advise hash algorithm
+(permissionx PIO_UNIMAPCLR (ioctl chr_file (0x4b68)))
+
+;; Gets current keyboard mode
+(permissionx KDGKBMODE (ioctl chr_file (0x4b44)))
+
+;; Sets current keyboard mode
+(permissionx KDSKBMODE (ioctl chr_file (0x4b45)))
+
+;; Gets meta key handling mode
+(permissionx KDGKBMETA (ioctl chr_file (0x4b62)))
+
+;; Sets meta key handling mode
+(permissionx KDSKBMETA (ioctl chr_file (0x4b63)))
+
+;; Gets one entry in key translation table
+(permissionx KDGKBENT (ioctl chr_file (0x4b46)))
+
+;; Sets one entry in translation table
+(permissionx KDSKBENT (ioctl chr_file (0x4b47)))
+
+;; Gets one function key string
+(permissionx KDGKBSENT (ioctl chr_file (0x4b48)))
+
+;; Sets one function key string entry
+(permissionx KDSKBSENT (ioctl chr_file (0x4b49)))
+
+;; Read kernel accent table
+(permissionx KDGKBDIACR (ioctl chr_file (0x4b4a)))
+
+;; Read kernel keycode table entry
+(permissionx KDGETKEYCODE (ioctl chr_file (0x4b4c)))
+
+;; Read kernel accent table (Universal Character Set)
+(permissionx KDGKBDIACRUC (ioctl chr_file (0x4bfa)))
+
+;; Write kernel accent table (Universal Character Set)
+(permissionx KDSKBDIACRUC (ioctl chr_file (0x4bfb)))
+
+;; Write kernel keycode table entry
+(permissionx KDSETKEYCODE (ioctl chr_file (0x4b4d)))
+
+;; The calling process indicates its willingness to accept the signal argp when
+;; it is generated by pressing an appropriate key combination
+(permissionx KDSIGACCEPT (ioctl chr_file (0x4b4e)))
+
+;; Dump the screen. Disappeared in Linux 1.1.92
+(permissionx TIOCLINUX (ioctl chr_file (0x541c)))
diff --git a/src/misc/xperm/ttyxperm.cil b/src/misc/xperm/ttyxperm.cil
new file mode 100644
index 0000000..7e50ab5
--- /dev/null
+++ b/src/misc/xperm/ttyxperm.cil
@@ -0,0 +1,139 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(permissionx IOCTLTTY_NOT_TIOCSTI
+ (ioctl chr_file (0x5405 0x542a 0x540d 0x5401 0x5406 0x542b 0x5402
+ 0x5403 0x542c 0x5407 0x5404 0x542d 0x5408
+ 0x5456 0x5457 0x7468 0x5413 0x7467 0x5414
+ 0x5409 0x5425 0x5427 0x5428 0x540a 0x467f
+ 0x541b 0x7472 0x5411 0x540b 0x541d 0x5480
+ 0x540e 0x5422 0x540f 0x5410 0x5429 0x540c
+ 0x5440 0x540c 0x5424 0x5423 0x5420 0x5438
+ 0x5431 0x5439 0x5415 0x5418 0x5417 0x5416
+ 0x545c 0x545d 0x5419 0x541a 0x541e)))
+
+;; Get the current serial port settings
+(permissionx TCGETS (ioctl chr_file (0x5405 0x542a 0x540d 0x5401)))
+
+;; Set the current serial port settings
+(permissionx TCSETS (ioctl chr_file (0x5406 0x542b 0x5402)))
+
+;; Allow the output buffer to drain, and set the current serial port settings
+(permissionx TCSETSW (ioctl chr_file (0x5403 0x542c 0x5407)))
+
+;; Allow the output buffer to drain, discard pending input, and set the current
+;; serial port settings
+(permissionx TCSETSF (ioctl chr_file (0x5404 0x542d 0x5408)))
+
+;; Gets the locking status of the termios structure of the terminal
+(permissionx TIOCGLCKTRMIOS (ioctl chr_file (0x5456)))
+
+;; Sets the locking status of the termios structure of the terminal. Only a
+;; process with the CAP_SYS_ADMIN capability can do this
+(permissionx TIOCSLCKTRMIOS (ioctl chr_file (0x5457)))
+
+;; Get window size
+(permissionx TIOCGWINSZ (ioctl chr_file (0x7468 0x5413)))
+
+;; Set window size
+(permissionx TIOCSWINSZ (ioctl chr_file (0x7467 0x5414)))
+
+;; Send break
+(permissionx TCSBRK (ioctl chr_file (0x5409 0x5425)))
+
+;; Turn break on
+(permissionx TIOCSBRK (ioctl chr_file (0x5427)))
+
+;; Turn break off
+(permissionx TIOCCBRK (ioctl chr_file (0x5428)))
+
+;; Software flow control
+(permissionx TCXONC (ioctl chr_file (0x540a)))
+
+;; Get the number of bytes in the input buffer
+(permissionx FIONREAD (ioctl chr_file (0x467f 0x541b)))
+
+;; Get the number of bytes in the output buffer
+(permissionx TIOCOUTQ (ioctl chr_file (0x7472 0x5411)))
+
+;; Discard data written
+(permissionx TCFLSH (ioctl chr_file (0x540b)))
+
+;; Fake input
+(permissionx TIOCSTI (ioctl chr_file (0x5412)))
+
+;; Redirect console output
+(permissionx TIOCCONS (ioctl chr_file (0x541d)))
+
+;; Make controlling terminal
+(permissionx TIOCSCTTY (ioctl chr_file (0x5480 0x540e)))
+
+;; Give up controlling terminal
+(permissionx TIOCNOTTY (ioctl chr_file (0x5422)))
+
+;; Get the process group ID of the foreground process group on this terminal
+(permissionx TIOCGPGRP (ioctl chr_file (0x540f)))
+
+;; Set the foreground process group ID of this terminal
+(permissionx TIOCSPGRP (ioctl chr_file (0x5410)))
+
+;; Get the session ID of the given terminal
+(permissionx TIOCGSID (ioctl chr_file (0x5429)))
+
+;; Enable exclusive mode
+(permissionx TIOCEXCL (ioctl chr_file (0x540c)))
+
+;; If the terminal is currently in exclusive mode, place a nonzero value
+(permissionx TIOCGEXCL (ioctl chr_file (0x5440)))
+
+;; Disable exclusive mode
+(permissionx TIOCNXCL (ioctl chr_file (0x540d)))
+
+;; Get the line discipline of the terminal
+(permissionx TIOCGETD (ioctl chr_file (0x5424)))
+
+;; Set the line discipline of the terminal
+(permissionx TIOCSETD (ioctl chr_file (0x5423)))
+
+;; Enable or disable packet mode. Can be applied to the master side of a
+;; pseudoterminal only
+(permissionx TIOCPKT (ioctl chr_file (0x5420)))
+
+;; Return the current packet mode setting
+(permissionx TIOCGPKT (ioctl chr_file (0x5438)))
+
+;; Set or remove the lock on the pseudoterminal slave device
+(permissionx TIOCSPTLCK (ioctl chr_file (0x5431)))
+
+;; Place the current lock state of the pseudoterminal slave device
+(permissionx TIOCGPTLCK (ioctl chr_file (0x5439)))
+
+;; Safely open the slave
+;; (permissionx TIOCGPTPEER (ioctl chr_file ()))
+
+;; Get the status of modem bits
+(permissionx TIOCMGET (ioctl chr_file (0x5415)))
+
+;; Set the status of modem bits
+(permissionx TIOCMSET (ioctl chr_file (0x5418)))
+
+;; Clear the indicated modem bits
+(permissionx TIOCMBIC (ioctl chr_file (0x5417)))
+
+;; Set the indicated modem bits
+(permissionx TIOCMBIS (ioctl chr_file (0x5416)))
+
+;; Wait for any of the modem bits to change
+(permissionx TIOCMIWAIT (ioctl chr_file (0x545c)))
+
+;; Get counts of input serial line interrupts
+(permissionx TIOCGICOUNT (ioctl chr_file (0x545d)))
+
+;; Get the serial line information
+(permissionx TIOCGSERIAL (ioctl chr_file (0x541e)))
+
+;; Get software carrier flag
+(permissionx TIOCGSOFTCAR (ioctl chr_file (0x5419)))
+
+;; Set software carrier flag
+(permissionx TIOCSSOFTCAR (ioctl chr_file (0x541a)))
diff --git a/src/misc/xperm/vtxperm.cil b/src/misc/xperm/vtxperm.cil
new file mode 100644
index 0000000..cc18806
--- /dev/null
+++ b/src/misc/xperm/vtxperm.cil
@@ -0,0 +1,68 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(permissionx IOCTLVT
+ (ioctl chr_file (0x0001 0x0002 0x0004 0x0008 0x5600 0x5601 0x5602
+ 0x5603 0x5604 0x5605 0x5606 0x5607 0x5708
+ 0x5609 0x560A 0x560B 0x560C 0x560D 0x560E
+ 0x560F)))
+
+;; Console switch
+(permissionx VT_EVENT_SWITCH (ioctl chr_file (0x0001)))
+
+;; Screen blank
+(permissionx VT_EVENT_BLANK (ioctl chr_file (0x0002)))
+
+;; Screen unblank
+(permissionx VT_EVENT_UNBLANK (ioctl chr_file (0x0004)))
+
+;; Resize display
+(permissionx VT_EVENT_RESIZE (ioctl chr_file (0x0008)))
+
+;; Find available VT
+(permissionx VT_OPENQRY (ioctl chr_file (0x5600)))
+
+;; Get mode of active VT
+(permissionx VT_GETMODE (ioctl chr_file (0x5601)))
+
+;; Set mode of active VT
+(permissionx VT_SETMODE (ioctl chr_file (0x5602)))
+
+;; Get global VT state info
+(permissionx VT_GETSTATE (ioctl chr_file (0x5603)))
+
+;; Signal to send to bitmask VT
+(permissionx VT_SENDSIG (ioctl chr_file (0x5604)))
+
+;; Release display
+(permissionx VT_RELDISP (ioctl chr_file (0x5605)))
+
+;; Make VT active
+(permissionx VT_ACTIVATE (ioctl chr_file (0x5606)))
+
+;; Wait for VT active
+(permissionx VT_WAITACTIVE (ioctl chr_file (0x5607)))
+
+;; Free memory associated with VT
+(permissionx VT_DISALLOCATE (ioctl chr_file (0x5608)))
+
+;; Set kernel idea of screensize
+(permissionx VT_RESIZE (ioctl chr_file (0x5609)))
+
+;; Set kernel idea of screensize + more
+(permissionx VT_RESIZEX (ioctl chr_file (0x560A)))
+
+;; Disallow VT switching
+(permissionx VT_LOCKSWITCH (ioctl chr_file (0x560B)))
+
+;; Allow VT switching
+(permissionx VT_UNLOCKSWITCH (ioctl chr_file (0x560C)))
+
+;; Return hi font mask
+(permissionx VT_GETHIFONTMASK (ioctl chr_file (0x560D)))
+
+;; Wait for an event
+(permissionx VT_WAITEVENT (ioctl chr_file (0x560E)))
+
+;; Activate and set the mode of VT
+(permissionx VT_SETACTIVATE (ioctl chr_file (0x560F)))