Date: Fri, 17 Dec 2021 18:11:51 GMT
Message-Id: <202112171811.1BHIBprw005081@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Mark Johnston
Subject: git: 36bd49ac4db8 - main - fd: Avoid truncating output buffers for KERN_PROC_{CWD,FILEDESC}
List-Id: Commit messages for the main branch of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 36bd49ac4db8c62a3b354094646cbd8547ad2c51

The branch main has been updated by markj:

URL:
https://cgit.FreeBSD.org/src/commit/?id=36bd49ac4db8c62a3b354094646cbd8547ad2c51 commit 36bd49ac4db8c62a3b354094646cbd8547ad2c51 Author: Mark Johnston AuthorDate: 2021-12-16 21:07:04 +0000 Commit: Mark Johnston CommitDate: 2021-12-17 18:10:23 +0000 fd: Avoid truncating output buffers for KERN_PROC_{CWD,FILEDESC} These sysctls failed to return an error if the caller had provided too short an output buffer. Change them to return ENOMEM instead, to ensure that callers can detect truncation in the face of a concurrently changing fd table. PR: 228432 Discussed with: cem, jhb MFC after: 1 month Differential Revision: https://reviews.freebsd.org/D15607 --- sys/kern/kern_descrip.c | 54 ++++++++++++++++++++++++++----------------------- 1 file changed, 29 insertions(+), 25 deletions(-) diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c index fb2dc4fdc94e..d5d22ecfc522 100644 --- a/sys/kern/kern_descrip.c +++ b/sys/kern/kern_descrip.c @@ -4290,14 +4290,13 @@ export_kinfo_to_sb(struct export_fd_buf *efbuf) kif = &efbuf->kif; if (efbuf->remainder != -1) { - if (efbuf->remainder < kif->kf_structsize) { - /* Terminate export. */ - efbuf->remainder = 0; - return (0); - } + if (efbuf->remainder < kif->kf_structsize) + return (ENOMEM); efbuf->remainder -= kif->kf_structsize; } - return (sbuf_bcat(efbuf->sb, kif, kif->kf_structsize) == 0 ? 0 : ENOMEM); + if (sbuf_bcat(efbuf->sb, kif, kif->kf_structsize) != 0) + return (sbuf_error(efbuf->sb)); + return (0); } static int @@ -4307,7 +4306,7 @@ export_file_to_sb(struct file *fp, int fd, cap_rights_t *rightsp, int error; if (efbuf->remainder == 0) - return (0); + return (ENOMEM); export_file_to_kinfo(fp, fd, rightsp, &efbuf->kif, efbuf->fdp, efbuf->flags); FILEDESC_SUNLOCK(efbuf->fdp); 
@@ -4323,7 +4322,7 @@ export_vnode_to_sb(struct vnode *vp, int fd, int fflags, int error; if (efbuf->remainder == 0) - return (0); + return (ENOMEM); if (efbuf->pdp != NULL) PWDDESC_XUNLOCK(efbuf->pdp); export_vnode_to_kinfo(vp, fd, fflags, &efbuf->kif, efbuf->flags); @@ -4369,22 +4368,25 @@ kern_proc_filedesc_out(struct proc *p, struct sbuf *sb, ssize_t maxlen, fdp = fdhold(p); pdp = pdhold(p); PROC_UNLOCK(p); + efbuf = malloc(sizeof(*efbuf), M_TEMP, M_WAITOK); efbuf->fdp = NULL; efbuf->pdp = NULL; efbuf->sb = sb; efbuf->remainder = maxlen; efbuf->flags = flags; + + error = 0; if (tracevp != NULL) - export_vnode_to_sb(tracevp, KF_FD_TYPE_TRACE, FREAD | FWRITE, + error = export_vnode_to_sb(tracevp, KF_FD_TYPE_TRACE, + FREAD | FWRITE, efbuf); + if (error == 0 && textvp != NULL) + error = export_vnode_to_sb(textvp, KF_FD_TYPE_TEXT, FREAD, efbuf); - if (textvp != NULL) - export_vnode_to_sb(textvp, KF_FD_TYPE_TEXT, FREAD, efbuf); - if (cttyvp != NULL) - export_vnode_to_sb(cttyvp, KF_FD_TYPE_CTTY, FREAD | FWRITE, - efbuf); - error = 0; - if (pdp == NULL || fdp == NULL) + if (error == 0 && cttyvp != NULL) + error = export_vnode_to_sb(cttyvp, KF_FD_TYPE_CTTY, + FREAD | FWRITE, efbuf); + if (error != 0 || pdp == NULL || fdp == NULL) goto fail; efbuf->fdp = fdp; efbuf->pdp = pdp; 
@@ -4394,23 +4396,25 @@ kern_proc_filedesc_out(struct proc *p, struct sbuf *sb, ssize_t maxlen, /* working directory */ if (pwd->pwd_cdir != NULL) { vrefact(pwd->pwd_cdir); - export_vnode_to_sb(pwd->pwd_cdir, KF_FD_TYPE_CWD, - FREAD, efbuf); + error = export_vnode_to_sb(pwd->pwd_cdir, + KF_FD_TYPE_CWD, FREAD, efbuf); } /* root directory */ - if (pwd->pwd_rdir != NULL) { + if (error == 0 && pwd->pwd_rdir != NULL) { vrefact(pwd->pwd_rdir); - export_vnode_to_sb(pwd->pwd_rdir, KF_FD_TYPE_ROOT, - FREAD, efbuf); + error = export_vnode_to_sb(pwd->pwd_rdir, + KF_FD_TYPE_ROOT, FREAD, efbuf); } /* jail directory */ - if (pwd->pwd_jdir != NULL) { + if (error == 0 && pwd->pwd_jdir != NULL) { vrefact(pwd->pwd_jdir); - export_vnode_to_sb(pwd->pwd_jdir, KF_FD_TYPE_JAIL, - FREAD, efbuf); + error = export_vnode_to_sb(pwd->pwd_jdir, + KF_FD_TYPE_JAIL, FREAD, efbuf); } } PWDDESC_XUNLOCK(pdp); + if (error != 0) + goto fail; if (pwd != NULL) pwd_drop(pwd); FILEDESC_SLOCK(fdp); @@ -4430,7 +4434,7 @@ kern_proc_filedesc_out(struct proc *p, struct sbuf *sb, ssize_t maxlen, * loop continues. */ error = export_file_to_sb(fp, i, &rights, efbuf); - if (error != 0 || efbuf->remainder == 0) + if (error != 0) break; } FILEDESC_SUNLOCK(fdp);
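
Review bot: In export_kinfo_to_sb(), the sbuf_bcat() failure path now returns sbuf_error(efbuf->sb) where it used to return ENOMEM unconditionally, so the errno that reaches the sysctl caller depends on what the sbuf recorded and is no longer guaranteed to be ENOMEM. The commit message promises ENOMEM for a too-short buffer; a short comment above the function saying which errors can come back, and that a nonzero return now means the export is incomplete instead of silently cut short, would make that contract explicit for callers that size their buffer and retry.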
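
Review bot: In export_vnode_to_sb(), the `if (efbuf->remainder == 0) return (ENOMEM);` early return sits before export_vnode_to_kinfo() is called, while the callers in kern_proc_filedesc_out() take a reference with vrefact() right before the call. Now that this path is an error that aborts the whole export, please confirm who drops that vnode reference when the function returns early, or release it in the early-return branch so the ownership rule is the same on every return path.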
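
Review bot: In the first kern_proc_filedesc_out() hunk, chaining on `error == 0` means textvp and cttyvp are never handed to export_vnode_to_sb() once an earlier export fails, and the code then jumps to `fail`. If these vnodes are referenced earlier in the function and the export call is what consumes the reference, the skipped ones need to be released on the error path; the `fail` label is not visible in this diff, so it is worth checking that it covers them. The added malloc() for efbuf also appears as a `+` line here with no matching removal, which deserves a second look to make sure the allocation is not duplicated.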
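
Review bot: In the pwd block of kern_proc_filedesc_out(), the new `if (error != 0) goto fail;` is placed after PWDDESC_XUNLOCK(pdp) but before `if (pwd != NULL) pwd_drop(pwd);`, so the error path skips the pwd_drop() that the success path performs. Unless `fail` drops pwd itself, this leaks the pwd hold whenever one of the cwd, root or jail exports returns ENOMEM; moving the check below the pwd_drop() call would avoid relying on the label. The same chaining concern applies to pwd_rdir and pwd_jdir, whose vrefact() is now correctly skipped when `error != 0`, which is good.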
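
Review bot: In the descriptor loop, removing `efbuf->remainder == 0` from the break condition means an exactly-full buffer is reported as ENOMEM only if another descriptor follows, through the `remainder == 0` check at the top of export_file_to_sb(); a buffer that is filled exactly by the last descriptor still succeeds. That matches the intent of the commit message, but it is subtle enough that the comment above the call should say so, since nothing in export_kinfo_to_sb() sets remainder to 0 on truncation any more.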