Source-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: [netbsd-11] src



Module Name:    src
Committed By:   martin
Date:           Mon Jun 29 19:52:23 UTC 2026

Modified Files:
        src/distrib/sets/lists/debug [netbsd-11]: mi
        src/distrib/sets/lists/tests [netbsd-11]: mi
        src/etc [netbsd-11]: MAKEDEV.tmpl
        src/sys/modules/lua [netbsd-11]: lua.c
        src/sys/sys [netbsd-11]: lua.h
        src/tests/kernel [netbsd-11]: Makefile
Added Files:
        src/tests/kernel [netbsd-11]: t_lua.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #350):

        sys/modules/lua/lua.c: revision 1.29
        distrib/sets/lists/tests/mi: revision 1.1422
        tests/kernel/t_lua.c: revision 1.1
        etc/MAKEDEV.tmpl: revision 1.239
        distrib/sets/lists/debug/mi: revision 1.514
        tests/kernel/Makefile: revision 1.97
        sys/sys/lua.h: revision 1.10

MAKEDEV: Set default perms on /dev/lua to 0600.

Otherwise unprivileged users can submit Lua code into the kernel, if
lua.kmod is loaded (which doesn't happen by default, not even
autoloaded on demand).
PR misc/60375: lua.kmod enables local privilege escalation

lua(4): Fix and test some issues.

- Require read permission for LUAINFO.
- Require write permission for all others:
  . LUACREATE
  . LUADESTROY
  . LUALOAD
  . LUAREQUIRE
- Don't panic in LUAINFO if there's zero states.
- Add missing sys/stdbool.h in sys/lua.h.

This is not a real test suite for lua.kmod -- it doesn't verify the
module does anything useful; it just verifies that _if_ you go out of
your way to load the experimental kernel module, it doesn't enable
unprivileged users to wreak havoc with /dev/lua.

PR misc/60375: lua.kmod enables local privilege escalation


To generate a diff of this commit:
cvs rdiff -u -r1.485.2.8 -r1.485.2.9 src/distrib/sets/lists/debug/mi
cvs rdiff -u -r1.1387.2.8 -r1.1387.2.9 src/distrib/sets/lists/tests/mi
cvs rdiff -u -r1.237 -r1.237.2.1 src/etc/MAKEDEV.tmpl
cvs rdiff -u -r1.28 -r1.28.12.1 src/sys/modules/lua/lua.c
cvs rdiff -u -r1.9 -r1.9.8.1 src/sys/sys/lua.h
cvs rdiff -u -r1.96 -r1.96.2.1 src/tests/kernel/Makefile
cvs rdiff -u -r0 -r1.1.2.2 src/tests/kernel/t_lua.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.




Home | Main Index | Thread Index | Old Index