[patch] lockf(3) user-exploitable kernel panic
eivind at FreeBSD.org
Thu Apr 15 04:08:37 PDT 2004
On Wed, Apr 14, 2004 at 01:51:03PM +0200, Devon H. O'Dell wrote:
> Jilles Tjoelker wrote:
> >e) add a line 'struct proc;' to sys/ucred.h
> Thanks for this suggestion; I wasn't aware that this was reasonably
> possible from an architectural standpoint.
Most of the sys/* files are really owned by the implementation, and it
is usually OK to introduce forward declarations into them. We try to
avoid namespace poisoning (introducing unknown variables) for the
official files, but that also happens sometimes.
Also, many of the files (including sys/ucred.h) has an #ifdef _KERNEL
section. This section is totally owned by the implementation, and it is
(almost) always OK to add forward declarations.
The list of official sys/ includes can be fetched at
> >>3) Does this work justify my going through the modified files and doing
> >>style(9) changes on them? I'm willing to do this; mux@ has encouraged
> >>it; style(9) suggests that I do it if my code comprises 50% or more of
> >>the new files (which it doesn't). Again, if this is useful, I'll
> >>certainly do this.
> >Some of the files have a mixture of K&R-style and ANSI function
> I'll look into implementing style(9) changes then. I know my patch fails
> a style(9) check in some contexts, so I'll go a general cleanup as well.
Please do that separately from the main patch. We try quite hard to not
mix stylistic and functional changes in a single patch, to make it easy
to use the version history (and easy for people to review the patches).
> sh has been fixed. I was under the impression that csh used libutil for
> this (libutil has been fixed). I'll take a deeper look into shells in
> base and in ports and figure out what changes I need to make there.
> While I'm at it, I don't think it'd be a bad idea to go ahead and build
> in the RLIMIT_SBSIZE to bash and bash2.
If it is easy, it might be worthwhile to patch the shells to use
libutil and submit those patches back to the maintainers.
> >Limiting the number of locked regions is not uncommon, e.g. Solaris does
> >it (the manpage seems to indicate a per-system limitation only, though).
> >Interesting part from Linux getrlimit(2) manpage:
> > RLIMIT_LOCKS
> > A limit on the combined number of flock() locks and
> > fcntl()
> > leases that this process may establish (Linux 2.4 and later).
> >Per-user instead of per-process limits are harder to implement but
> >more effective.
> Ok. I was not aware that Linux had this fix / feature already. I'll take
> a look into the CVS repos of the other BSDs and see if it's something I
> can suggest a patch for in those worlds.
It'd be nice to be compatible with Linux here, as it means just a define
is needed for making apps work with it on FreeBSD (it may even
automatically happen due to configure scripts.)
More information about the freebsd-arch