svn commit: r353640 - head/sys/kern

[Andrew Turner]

Author: andrew
Date: Wed Oct 16 13:21:01 2019
New Revision: 353640
URL: https://svnweb.freebsd.org/changeset/base/353640

Log:
  Stop leaking information from the kernel through timespec
  
  The timespec struct holds a seconds value in a time_t and a nanoseconds
  value in a long. On most architectures these are the same size, however
  on 32-bit architectures other than i386 time_t is 8 bytes and long is
  4 bytes.
  
  Most ABIs will then pad a struct holding an 8 byte and 4 byte value to
  16 bytes with 4 bytes of padding. When copying one of these structs the
  compiler is free to copy the padding if it wishes.
  
  In this case the padding may contain kernel data that is then leaked to
  userspace. Fix this by copying the timespec elements rather than the
  entire struct.
  
  This doesn't affect Tier-1 architectures so no SA is expected.
  
  admbugs:	651
  MFC after:	1 week
  Sponsored by:	DARPA, AFRL

Modified:
  head/sys/kern/vfs_vnops.c

Modified: head/sys/kern/vfs_vnops.c
==============================================================================
--- head/sys/kern/vfs_vnops.c	Wed Oct 16 13:20:36 2019	(r353639)
+++ head/sys/kern/vfs_vnops.c	Wed Oct 16 13:21:01 2019	(r353640)
@@ -1455,10 +1455,14 @@ vn_stat(struct vnode *vp, struct stat *sb, struct ucre
 	if (vap->va_size > OFF_MAX)
 		return (EOVERFLOW);
 	sb->st_size = vap->va_size;
-	sb->st_atim = vap->va_atime;
-	sb->st_mtim = vap->va_mtime;
-	sb->st_ctim = vap->va_ctime;
-	sb->st_birthtim = vap->va_birthtime;
+	sb->st_atim.tv_sec = vap->va_atime.tv_sec;
+	sb->st_atim.tv_nsec = vap->va_atime.tv_nsec;
+	sb->st_mtim.tv_sec = vap->va_mtime.tv_sec;
+	sb->st_mtim.tv_nsec = vap->va_mtime.tv_nsec;
+	sb->st_ctim.tv_sec = vap->va_ctime.tv_sec;
+	sb->st_ctim.tv_nsec = vap->va_ctime.tv_nsec;
+	sb->st_birthtim.tv_sec = vap->va_birthtime.tv_sec;
+	sb->st_birthtim.tv_nsec = vap->va_birthtime.tv_nsec;
 
         /*
 	 * According to www.opengroup.org, the meaning of st_blksize is