Re: [filemon] CVS commit: htdocs/support/security

To: Andrew Doran <ad%netbsd.org@localhost>, tech-kern%netbsd.org@localhost
Subject: Re: [filemon] CVS commit: htdocs/support/security
From: Maxime Villard <max%m00nbsd.net@localhost>
Date: Tue, 17 Dec 2019 19:26:02 +0100

Le 17/12/2019 à 15:44, Andrew Doran a écrit :

Typically with a character device, the kmod can get unloaded while an ioctl
is being executed on it.


That's solvable.  Conceptually I think the main stumbling block is that
there are two layers at play which need to reconciled: specfs and devsw.  It
could also be an opportunity to lessen the distinction between block and
character devices, there's no real need for cached access from userspace,
that would simplify things too.

When it comes to syscalls, I haven't looked
closely, but the issue is likely the same.


It's atomic and side effect free if done correctly.  We have pleasing
examples of this.  This is hard to get right though, so naturally mistakes
are made.


Now that I'm looking at the syscall_{dis}establish() functions in detail,
I see that indeed the l_sysent checking is a good idea and does not require
refcounts; however the accesses on 'sy_call' should be atomic_relaxed. The
cost of these atomics is my concern.

Maxime

References:
- [filemon] CVS commit: htdocs/support/security
  - From: Maxime Villard
- Re: [filemon] CVS commit: htdocs/support/security
  - From: Kamil Rytarowski
- Re: [filemon] CVS commit: htdocs/support/security
  - From: Maxime Villard
- Re: [filemon] CVS commit: htdocs/support/security
  - From: Kamil Rytarowski
- Re: [filemon] CVS commit: htdocs/support/security
  - From: Maxime Villard
- Re: [filemon] CVS commit: htdocs/support/security
  - From: Andrew Doran

Prev by Date: Re: New cpu_count races; seqlocks?
Next by Date: Re: [filemon] CVS commit: htdocs/support/security
Previous by Thread: Re: [filemon] CVS commit: htdocs/support/security
Next by Thread: Re: [filemon] CVS commit: htdocs/support/security
Indexes:

Home | Main Index | Thread Index | Old Index