Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/netbsd-9]: src/sys Pull up following revision(s) (requested by maxv in t...



details:   https://anonhg.NetBSD.org/src/rev/945964e6852b
branches:  netbsd-9
changeset: 454277:945964e6852b
user:      martin <martin%NetBSD.org@localhost>
date:      Fri Sep 13 06:25:25 2019 +0000

description:
Pull up following revision(s) (requested by maxv in ticket #194):

        sys/compat/linux/common/linux_socket.c: revision 1.146
        sys/compat/linux/common/linux_socket.c: revision 1.147
        sys/compat/linux/common/linux_socket.c: revision 1.148
        sys/compat/linux/common/linux_socket.c: revision 1.149
        sys/compat/linux/arch/amd64/linux_machdep.c: revision 1.59
        sys/compat/linux32/common/linux32_sysinfo.c: revision 1.8
        sys/kern/sysv_shm.c: revision 1.138
        sys/compat/linux/common/linux_file64.c: revision 1.61
        sys/compat/linux/common/linux_file64.c: revision 1.62
        sys/compat/netbsd32/netbsd32_compat_43.c: revision 1.58
        sys/compat/linux32/common/linux32_dirent.c: revision 1.20
        sys/compat/linux32/common/linux32_utsname.c: revision 1.10
        sys/compat/linux/common/linux_termios.h: revision 1.22
        sys/compat/linux32/common/linux32_termios.c: revision 1.15
        sys/compat/linux32/common/linux32_misc.c: revision 1.27
        sys/compat/linux32/common/linux32_ioctl.c: revision 1.14
        sys/compat/linux/common/linux_statfs.h: revision 1.7
        sys/compat/linux/common/linux_ipc.c: revision 1.57
        sys/compat/linux/common/linux_fcntl.h: revision 1.18
        sys/compat/linux/common/linux_socket.h: revision 1.24
        sys/sys/shm.h: revision 1.54
        sys/compat/ossaudio/ossaudio.c: revision 1.75
        sys/compat/linux32/common/linux32_signal.c: revision 1.20
        sys/miscfs/procfs/procfs_linux.c: revision 1.75
        sys/compat/linux/common/linux_signal.c: revision 1.81
        sys/compat/linux/common/linux_termios.c: revision 1.38
        sys/compat/linux/common/linux_misc.c: revision 1.241
        sys/compat/linux/common/linux_misc.c: revision 1.242
        sys/compat/linux/common/linux_misc.c: revision 1.243
        sys/compat/linux/common/linux_misc.c: revision 1.244

Fix info leaks.

Fix stupid bugs in linux_sys_shmctl(): the index could be out of bound
(page fault) and there was no proper locking.
Maybe we should just remove LINUX_SHM_STAT, like compat_linux32.

Remove printf.

When dealing with an unknown value, set -1, to prevent (harmless)
uninitialized accesses later.

Add a default case, don't call sys_ioctl() with an uninitialized 'com'
argument.

Fix error handling, returns an errno, not -1.

Put the printf under DEBUG_LINUX.


Hum, don't forget the 'pid' argument, otherwise we're not gonna go very
far.

Don't read data from userland directly. This simply does not work on any
recent x86 CPU (thanks to SMAP) and all architectures that forbid direct
access to userland from the kernel. But I guess no one noticed because no
one ever uses compat_linux, right?

Hum, don't pass an mbuf to realloc(). Inspired from copyin32_msg_control().

Fix memory leak.

I don't see the point in having this useless printf, but add a '\n' to it,
so that it at least displays useless stuff correctly.

Hum, remove incorrect assignment. Userland could have passed a smaller
namelen, and the uninitialized bytes from sb_data were being used later in
the network stack.

diffstat:

 sys/compat/linux/arch/amd64/linux_machdep.c |   5 ++---
 sys/compat/linux/common/linux_fcntl.h       |   5 ++++-
 sys/compat/linux/common/linux_file64.c      |   6 ++++--
 sys/compat/linux/common/linux_ipc.c         |  10 +++++++---
 sys/compat/linux/common/linux_misc.c        |   9 ++++++---
 sys/compat/linux/common/linux_signal.c      |   5 +++--
 sys/compat/linux/common/linux_socket.c      |  19 ++++++++++---------
 sys/compat/linux/common/linux_socket.h      |  12 ++++++------
 sys/compat/linux/common/linux_statfs.h      |   8 +++++---
 sys/compat/linux/common/linux_termios.c     |   5 +++--
 sys/compat/linux/common/linux_termios.h     |   4 +++-
 sys/compat/linux32/common/linux32_dirent.c  |   5 +++--
 sys/compat/linux32/common/linux32_ioctl.c   |   6 ++++--
 sys/compat/linux32/common/linux32_misc.c    |   6 ++++--
 sys/compat/linux32/common/linux32_signal.c  |   5 +++--
 sys/compat/linux32/common/linux32_sysinfo.c |   5 +++--
 sys/compat/linux32/common/linux32_termios.c |   5 +++--
 sys/compat/linux32/common/linux32_utsname.c |   7 +++++--
 sys/compat/netbsd32/netbsd32_compat_43.c    |   5 +++--
 sys/compat/ossaudio/ossaudio.c              |   8 ++++----
 sys/kern/sysv_shm.c                         |  24 ++++++++++++++++++++++--
 sys/miscfs/procfs/procfs_linux.c            |   6 ++++--
 sys/sys/shm.h                               |   4 +++-
 23 files changed, 114 insertions(+), 60 deletions(-)

diffs (truncated from 754 to 300 lines):

diff -r c6dd21910709 -r 945964e6852b sys/compat/linux/arch/amd64/linux_machdep.c
--- a/sys/compat/linux/arch/amd64/linux_machdep.c       Thu Sep 12 19:21:16 2019 +0000
+++ b/sys/compat/linux/arch/amd64/linux_machdep.c       Fri Sep 13 06:25:25 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: linux_machdep.c,v 1.58 2019/05/19 08:46:15 maxv Exp $ */
+/*     $NetBSD: linux_machdep.c,v 1.58.2.1 2019/09/13 06:25:25 martin Exp $ */
 
 /*-
  * Copyright (c) 2005 Emmanuel Dreyfus, all rights reserved.
@@ -33,7 +33,7 @@
 
 #include <sys/cdefs.h>
 
-__KERNEL_RCSID(0, "$NetBSD: linux_machdep.c,v 1.58 2019/05/19 08:46:15 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux_machdep.c,v 1.58.2.1 2019/09/13 06:25:25 martin Exp $");
 
 #include <sys/param.h>
 #include <sys/types.h>
@@ -263,7 +263,6 @@
 int
 linux_sys_modify_ldt(struct lwp *l, const struct linux_sys_modify_ldt_args *v, register_t *retval)
 {
-       printf("linux_sys_modify_ldt\n");
        return 0;
 }
 
diff -r c6dd21910709 -r 945964e6852b sys/compat/linux/common/linux_fcntl.h
--- a/sys/compat/linux/common/linux_fcntl.h     Thu Sep 12 19:21:16 2019 +0000
+++ b/sys/compat/linux/common/linux_fcntl.h     Fri Sep 13 06:25:25 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: linux_fcntl.h,v 1.17 2015/03/01 13:19:39 njoly Exp $   */
+/*     $NetBSD: linux_fcntl.h,v 1.17.22.1 2019/09/13 06:25:25 martin Exp $     */
 
 /*-
  * Copyright (c) 1995, 1998 The NetBSD Foundation, Inc.
@@ -132,6 +132,9 @@
        case src_f##_WRLCK: \
                dst->l_type = dst_f##_WRLCK; \
                break; \
+       default: \
+               dst->l_type = -1; \
+               break; \
        } \
     }
 
diff -r c6dd21910709 -r 945964e6852b sys/compat/linux/common/linux_file64.c
--- a/sys/compat/linux/common/linux_file64.c    Thu Sep 12 19:21:16 2019 +0000
+++ b/sys/compat/linux/common/linux_file64.c    Fri Sep 13 06:25:25 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: linux_file64.c,v 1.60 2018/09/03 16:29:29 riastradh Exp $      */
+/*     $NetBSD: linux_file64.c,v 1.60.4.1 2019/09/13 06:25:25 martin Exp $     */
 
 /*-
  * Copyright (c) 1995, 1998, 2000, 2008 The NetBSD Foundation, Inc.
@@ -34,7 +34,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: linux_file64.c,v 1.60 2018/09/03 16:29:29 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux_file64.c,v 1.60.4.1 2019/09/13 06:25:25 martin Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -80,6 +80,7 @@
 static void
 bsd_to_linux_stat(struct stat *bsp, struct linux_stat64 *lsp)
 {
+       memset(lsp, 0, sizeof(*lsp));
        lsp->lst_dev     = linux_fakedev(bsp->st_dev, 0);
        lsp->lst_ino     = bsp->st_ino;
        lsp->lst_mode    = (linux_mode_t)bsp->st_mode;
@@ -352,6 +353,7 @@
                 * we have to worry about touching user memory outside of
                 * the copyout() call).
                 */
+               memset(&idb, 0, sizeof(idb));
                idb.d_ino = bdp->d_fileno;
                idb.d_type = bdp->d_type;
                idb.d_off = off;
diff -r c6dd21910709 -r 945964e6852b sys/compat/linux/common/linux_ipc.c
--- a/sys/compat/linux/common/linux_ipc.c       Thu Sep 12 19:21:16 2019 +0000
+++ b/sys/compat/linux/common/linux_ipc.c       Fri Sep 13 06:25:25 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: linux_ipc.c,v 1.56 2019/02/21 03:37:18 mrg Exp $       */
+/*     $NetBSD: linux_ipc.c,v 1.56.4.1 2019/09/13 06:25:25 martin Exp $        */
 
 /*-
  * Copyright (c) 1995, 1998 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: linux_ipc.c,v 1.56 2019/02/21 03:37:18 mrg Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux_ipc.c,v 1.56.4.1 2019/09/13 06:25:25 martin Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_sysv.h"
@@ -568,6 +568,7 @@
                syscallarg(struct linux_shmid_ds *) buf;
        } */
        struct shmid_ds bs;
+       struct ipc_perm perm;
        struct linux_shmid_ds ls;
        struct linux_shmid64_ds ls64;
        struct linux_shminfo64 lsi64;
@@ -582,7 +583,10 @@
 
        switch (cmd & ~LINUX_IPC_64) {
        case LINUX_SHM_STAT:
-               shmid = IXSEQ_TO_IPCID(shmid, shmsegs[shmid].shm_perm);
+               error = shm_find_segment_perm_by_index(shmid, &perm);
+               if (error)
+                       return error;
+               shmid = IXSEQ_TO_IPCID(shmid, perm);
                retval[0] = shmid;
                /*FALLTHROUGH*/
 
diff -r c6dd21910709 -r 945964e6852b sys/compat/linux/common/linux_misc.c
--- a/sys/compat/linux/common/linux_misc.c      Thu Sep 12 19:21:16 2019 +0000
+++ b/sys/compat/linux/common/linux_misc.c      Fri Sep 13 06:25:25 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: linux_misc.c,v 1.240 2018/09/03 16:29:29 riastradh Exp $       */
+/*     $NetBSD: linux_misc.c,v 1.240.4.1 2019/09/13 06:25:25 martin Exp $      */
 
 /*-
  * Copyright (c) 1995, 1998, 1999, 2008 The NetBSD Foundation, Inc.
@@ -57,7 +57,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: linux_misc.c,v 1.240 2018/09/03 16:29:29 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux_misc.c,v 1.240.4.1 2019/09/13 06:25:25 martin Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -240,7 +240,7 @@
 # ifdef DIAGNOSTIC
        if (linux_options & LINUX_WAIT4_WNOTHREAD)
                printf("WARNING: %s: linux process %d.%d called "
-                      "waitpid with __WNOTHREAD set!",
+                      "waitpid with __WNOTHREAD set!\n",
                       __FILE__, l->l_proc->p_pid, l->l_lid);
 
 # endif
@@ -351,6 +351,7 @@
        } */
        struct linux_utsname luts;
 
+       memset(&luts, 0, sizeof(luts));
        strlcpy(luts.l_sysname, linux_sysname, sizeof(luts.l_sysname));
        strlcpy(luts.l_nodename, hostname, sizeof(luts.l_nodename));
        strlcpy(luts.l_release, linux_release, sizeof(luts.l_release));
@@ -771,6 +772,7 @@
                 * we have to worry about touching user memory outside of
                 * the copyout() call).
                 */
+               memset(&idb, 0, sizeof(idb));
                idb.d_ino = bdp->d_fileno;
                /*
                 * The old readdir() call misuses the offset and reclen fields.
@@ -1345,6 +1347,7 @@
        struct linux_sysinfo si;
        struct loadavg *la;
 
+       memset(&si, 0, sizeof(si));
        si.uptime = time_uptime;
        la = &averunnable;
        si.loads[0] = la->ldavg[0] * LINUX_SYSINFO_LOADS_SCALE / la->fscale;
diff -r c6dd21910709 -r 945964e6852b sys/compat/linux/common/linux_signal.c
--- a/sys/compat/linux/common/linux_signal.c    Thu Sep 12 19:21:16 2019 +0000
+++ b/sys/compat/linux/common/linux_signal.c    Fri Sep 13 06:25:25 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: linux_signal.c,v 1.80 2018/01/07 21:14:38 christos Exp $       */
+/*     $NetBSD: linux_signal.c,v 1.80.8.1 2019/09/13 06:25:25 martin Exp $     */
 
 /*-
  * Copyright (c) 1995, 1998 The NetBSD Foundation, Inc.
@@ -48,7 +48,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: linux_signal.c,v 1.80 2018/01/07 21:14:38 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux_signal.c,v 1.80.8.1 2019/09/13 06:25:25 martin Exp $");
 
 #define COMPAT_LINUX 1
 
@@ -683,6 +683,7 @@
 void
 native_to_linux_sigaltstack(struct linux_sigaltstack *lss, const struct sigaltstack *bss)
 {
+       memset(lss, 0, sizeof(*lss));
        lss->ss_sp = bss->ss_sp;
        lss->ss_size = bss->ss_size;
        if (bss->ss_flags & SS_ONSTACK)
diff -r c6dd21910709 -r 945964e6852b sys/compat/linux/common/linux_socket.c
--- a/sys/compat/linux/common/linux_socket.c    Thu Sep 12 19:21:16 2019 +0000
+++ b/sys/compat/linux/common/linux_socket.c    Fri Sep 13 06:25:25 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: linux_socket.c,v 1.145 2019/04/18 17:45:12 christos Exp $      */
+/*     $NetBSD: linux_socket.c,v 1.145.4.1 2019/09/13 06:25:25 martin Exp $    */
 
 /*-
  * Copyright (c) 1995, 1998, 2008 The NetBSD Foundation, Inc.
@@ -35,7 +35,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: linux_socket.c,v 1.145 2019/04/18 17:45:12 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux_socket.c,v 1.145.4.1 2019/09/13 06:25:25 martin Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
@@ -546,6 +546,8 @@
 
                                case LINUX_SCM_CREDENTIALS:
                                        /* no native equivalent, just drop it */
+                                       if (control != mtod(ctl_mbuf, void *))
+                                               free(control, M_MBUF);
                                        m_free(ctl_mbuf);
                                        ctl_mbuf = NULL;
                                        msg.msg_control = NULL;
@@ -568,14 +570,15 @@
                        /* Check the buffer is big enough */
                        if (__predict_false(cidx + cspace > clen)) {
                                u_int8_t *nc;
+                               size_t nclen;
 
-                               clen = cidx + cspace;
-                               if (clen >= PAGE_SIZE) {
+                               nclen = cidx + cspace;
+                               if (nclen >= PAGE_SIZE) {
                                        error = EINVAL;
                                        goto done;
                                }
                                nc = realloc(clen <= MLEN ? NULL : control,
-                                               clen, M_TEMP, M_WAITOK);
+                                               nclen, M_TEMP, M_WAITOK);
                                if (!nc) {
                                        error = ENOMEM;
                                        goto done;
@@ -584,6 +587,7 @@
                                        /* Old buffer was in mbuf... */
                                        memcpy(nc, control, cidx);
                                control = nc;
+                               clen = nclen;
                        }
 
                        /* Copy header */
@@ -605,7 +609,7 @@
 
                        resid -= LINUX_CMSG_ALIGN(l_cmsg.cmsg_len);
                        cidx += cspace;
-               } while ((l_cc = LINUX_CMSG_NXTHDR(&msg, l_cc)) && resid > 0);
+               } while ((l_cc = LINUX_CMSG_NXTHDR(&msg, l_cc, &l_cmsg)) && resid > 0);
 
                /* If we allocated a buffer, attach to mbuf */
                if (cidx > MLEN) {
@@ -1605,9 +1609,6 @@
                sin6->sin6_scope_id = 0;
        }
 
-       if (bdom == AF_INET)
-               namelen = sizeof(struct sockaddr_in);
-
        sb->sb_family = bdom;
        sb->sb_len = namelen;
        ktrkuser("mbsoname", sb, namelen);
diff -r c6dd21910709 -r 945964e6852b sys/compat/linux/common/linux_socket.h
--- a/sys/compat/linux/common/linux_socket.h    Thu Sep 12 19:21:16 2019 +0000
+++ b/sys/compat/linux/common/linux_socket.h    Fri Sep 13 06:25:25 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: linux_socket.h,v 1.23 2017/02/03 16:57:39 christos Exp $       */
+/*     $NetBSD: linux_socket.h,v 1.23.18.1 2019/09/13 06:25:25 martin Exp $    */
 
 /*-
  * Copyright (c) 1995, 1998 The NetBSD Foundation, Inc.
@@ -186,13 +186,13 @@
 /* Linux either uses this, or  &((cmsg)->__cmsg_data) */
 #define LINUX_CMSG_DATA(cmsg)  \
        ((u_char *)((struct linux_cmsghdr *)(cmsg) + 1))
-#define        LINUX_CMSG_NXTHDR(mhdr, cmsg)   \
-       ((((char *)(cmsg) + LINUX_CMSG_ALIGN((cmsg)->cmsg_len) + \
-                           sizeof(*(cmsg))) > \
+#define LINUX_CMSG_NXTHDR(mhdr, ucmsg, kcmsg)  \
+       ((((char *)(ucmsg) + LINUX_CMSG_ALIGN((kcmsg)->cmsg_len) + \
+                           sizeof(*(ucmsg))) > \
            (((char *)(mhdr)->msg_control) + (mhdr)->msg_controllen)) ? \
            (struct linux_cmsghdr *)NULL : \
-           (struct linux_cmsghdr *)((char *)(cmsg) + \
-               LINUX_CMSG_ALIGN((cmsg)->cmsg_len)))
+           (struct linux_cmsghdr *)((char *)(ucmsg) + \
+               LINUX_CMSG_ALIGN((kcmsg)->cmsg_len)))
 /* This the number of bytes removed from each item (excl. final padding) */
 #define LINUX_CMSG_ALIGN_DELTA \
        (CMSG_ALIGN(sizeof(struct cmsghdr)) - sizeof(struct linux_cmsghdr))
diff -r c6dd21910709 -r 945964e6852b sys/compat/linux/common/linux_statfs.h
--- a/sys/compat/linux/common/linux_statfs.h    Thu Sep 12 19:21:16 2019 +0000
+++ b/sys/compat/linux/common/linux_statfs.h    Fri Sep 13 06:25:25 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: linux_statfs.h,v 1.6 2012/09/13 13:59:33 pooka Exp $   */



Home | Main Index | Thread Index | Old Index