
[src/trunk]: src/sys for sysv ipc stat operations, explicitly copy the export...



details:   https://anonhg.NetBSD.org/src/rev/bda3f2bbea6a
branches:  trunk
changeset: 449074:bda3f2bbea6a
user:      mrg <mrg%NetBSD.org@localhost>
date:      Thu Feb 21 03:37:18 2019 +0000

description:
for sysv ipc stat operations, explicitly copy the exported parts
instead of the whole ds structure.

besides triggering a recently added assert in netbsd32, this stops
exposing kernel addresses.

copy the mode clamping to 0777 from sem to shm and msg.


while here, make sure that the compat callers to sysv_ipc clear
the contents of the compat structure before setting the result
members to ensure padding bytes are cleared.

don't set/copy _sem_base, _msg_first, _msg_last or _shm_internal.
even if used, which seems very dodgy, they leak KVAs as well.
possibly this may affect linux binaries, in particular, the
comments around _shm_internal ("XXX Oh well.") may mean apps
rely upon these but hopefully not -- the comments date back to
rev 1.1 in 1995.

the _key, _seq and _msg_cbytes members are exported as before, as
i found multiple consumers of these (no less than ipcs(1)), and
they appear to be useful for debugging and more.


XXX: the naming of compat functions have too many styles.  there
     are at least 3 different ones changed here.

diffstat:

 sys/compat/linux/common/linux_ipc.c           |  29 ++++++++++++---------
 sys/compat/linux32/common/linux32_ipccall.c   |  36 +++++++++++++++------------
 sys/compat/netbsd32/netbsd32_compat_14.c      |   9 ++++--
 sys/compat/netbsd32/netbsd32_compat_14_sysv.c |   9 ++++--
 sys/compat/netbsd32/netbsd32_conv.h           |  26 +++++++++----------
 sys/compat/sys/ipc.h                          |   4 ++-
 sys/compat/sys/msg.h                          |   6 +++-
 sys/compat/sys/sem.h                          |   4 ++-
 sys/compat/sys/shm.h                          |   4 ++-
 sys/kern/sysv_msg.c                           |  15 +++++++++--
 sys/kern/sysv_sem.c                           |  10 +++++--
 sys/kern/sysv_shm.c                           |  15 +++++++++--
 12 files changed, 104 insertions(+), 63 deletions(-)

diffs (truncated from 820 to 300 lines):

diff -r 9c6bc86b1356 -r bda3f2bbea6a sys/compat/linux/common/linux_ipc.c
--- a/sys/compat/linux/common/linux_ipc.c       Thu Feb 21 01:20:45 2019 +0000
+++ b/sys/compat/linux/common/linux_ipc.c       Thu Feb 21 03:37:18 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: linux_ipc.c,v 1.55 2011/05/28 23:24:58 alnsn Exp $     */
+/*     $NetBSD: linux_ipc.c,v 1.56 2019/02/21 03:37:18 mrg Exp $       */
 
 /*-
  * Copyright (c) 1995, 1998 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: linux_ipc.c,v 1.55 2011/05/28 23:24:58 alnsn Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux_ipc.c,v 1.56 2019/02/21 03:37:18 mrg Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_sysv.h"
@@ -117,6 +117,7 @@
 bsd_to_linux_ipc_perm(struct ipc_perm *bpp, struct linux_ipc_perm *lpp)
 {
 
+       memset(lpp, 0, sizeof *lpp);
        lpp->l_key = bpp->_key;
        lpp->l_uid = bpp->uid;
        lpp->l_gid = bpp->gid;
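Review bot: The new `memset(lpp, 0, sizeof *lpp);` uses the unparenthesised sizeof form while the existing clears in this file (lines 139, 148, 160, 169) spell it `sizeof(*bmp)`; the same applies to the other added clears at lines 93, 102, 114, 194 and 209. Either form is correct, but one spelling per file makes the "is this destination cleared?" check greppable. Leaving the reverse `linux_to_bsd_ipc_perm` untouched is consistent with the description, which only commits to clearing the userland-bound compat structure.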
@@ -129,6 +130,8 @@
 void
 bsd_to_linux_ipc64_perm(struct ipc_perm *bpp, struct linux_ipc64_perm *lpp)
 {
+
+       memset(lpp, 0, sizeof *lpp);
        lpp->l_key = bpp->_key;
        lpp->l_uid = bpp->uid;
        lpp->l_gid = bpp->gid;
@@ -152,16 +155,19 @@
 void
 bsd_to_linux_semid_ds(struct semid_ds *bs, struct linux_semid_ds *ls)
 {
+
+       memset(ls, 0, sizeof *ls);
        bsd_to_linux_ipc_perm(&bs->sem_perm, &ls->l_sem_perm);
        ls->l_sem_otime = bs->sem_otime;
        ls->l_sem_ctime = bs->sem_ctime;
        ls->l_sem_nsems = bs->sem_nsems;
-       ls->l_sem_base = bs->_sem_base;
 }
 
 void
 bsd_to_linux_semid64_ds(struct semid_ds *bs, struct linux_semid64_ds *ls)
 {
+
+       memset(ls, 0, sizeof *ls);
        bsd_to_linux_ipc64_perm(&bs->sem_perm, &ls->l_sem_perm);
        ls->l_sem_otime = bs->sem_otime;
        ls->l_sem_ctime = bs->sem_ctime;
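Review bot: The dropped `ls->l_sem_base = bs->_sem_base;` deserves a one-line comment, because `struct linux_semid_ds` still carries an `l_sem_base` member that is now silently left zero and a later reader may "fix" it back. Something like `/* l_sem_base stays 0: _sem_base is a kernel pointer and must not reach userland. */` after the memset would record the intent; the same comment fits the other removed kernel-pointer copies at lines 141-142, 162-163, 202 and 217. Note that `memset(ls, 0, sizeof *ls);` also re-clears `l_sem_perm`, which `bsd_to_linux_ipc_perm` now zeroes itself; that is harmless, and the outer clear is what actually guarantees the padding of the enclosing struct is zero before copyout.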
@@ -171,16 +177,17 @@
 void
 linux_to_bsd_semid_ds(struct linux_semid_ds *ls, struct semid_ds *bs)
 {
+
        linux_to_bsd_ipc_perm(&ls->l_sem_perm, &bs->sem_perm);
        bs->sem_otime = ls->l_sem_otime;
        bs->sem_ctime = ls->l_sem_ctime;
        bs->sem_nsems = ls->l_sem_nsems;
-       bs->_sem_base = ls->l_sem_base;
 }
 
 void
 linux_to_bsd_semid64_ds(struct linux_semid64_ds *ls, struct semid_ds *bs)
 {
+
        linux_to_bsd_ipc64_perm(&ls->l_sem_perm, &bs->sem_perm);
        bs->sem_otime = ls->l_sem_otime;
        bs->sem_ctime = ls->l_sem_ctime;
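Review bot: With `bs->_sem_base = ls->l_sem_base;` gone, `bs->_sem_base` is left at whatever the caller's `struct semid_ds` already held, and unlike `linux_to_bsd_msqid_ds` (line 139) this function does not clear its destination. That is only safe if the IPC_SET path downstream consumes nothing but `sem_perm`, which this hunk does not show; adding `memset(bs, 0, sizeof *bs);` before the `linux_to_bsd_ipc_perm` call would make the kernel-side struct fully defined regardless and match the msqid conversion. The same consideration applies to `linux_to_bsd_semid64_ds` directly below and to the two `linux_to_bsd_shmid*_ds` hunks at lines 175-188, whose function bodies start outside their hunks.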
@@ -308,8 +315,6 @@
 
        memset(bmp, 0, sizeof(*bmp));
        linux_to_bsd_ipc_perm(&lmp->l_msg_perm, &bmp->msg_perm);
-       bmp->_msg_first = lmp->l_msg_first;
-       bmp->_msg_last = lmp->l_msg_last;
        bmp->_msg_cbytes = lmp->l_msg_cbytes;
        bmp->msg_qnum = lmp->l_msg_qnum;
        bmp->msg_qbytes = lmp->l_msg_qbytes;
@@ -326,10 +331,10 @@
 
        memset(bmp, 0, sizeof(*bmp));
        linux_to_bsd_ipc64_perm(&lmp->l_msg_perm, &bmp->msg_perm);
+       bmp->_msg_cbytes = lmp->l_msg_cbytes;
        bmp->msg_stime = lmp->l_msg_stime;
        bmp->msg_rtime = lmp->l_msg_rtime;
        bmp->msg_ctime = lmp->l_msg_ctime;
-       bmp->_msg_cbytes = lmp->l_msg_cbytes;
        bmp->msg_qnum = lmp->l_msg_qnum;
        bmp->msg_qbytes = lmp->l_msg_qbytes;
        bmp->msg_lspid = lmp->l_msg_lspid;
@@ -342,8 +347,6 @@
 
        memset(lmp, 0, sizeof(*lmp));
        bsd_to_linux_ipc_perm(&bmp->msg_perm, &lmp->l_msg_perm);
-       lmp->l_msg_first = bmp->_msg_first;
-       lmp->l_msg_last = bmp->_msg_last;
        lmp->l_msg_cbytes = bmp->_msg_cbytes;
        lmp->l_msg_qnum = bmp->msg_qnum;
        lmp->l_msg_qbytes = bmp->msg_qbytes;
@@ -360,6 +363,7 @@
 
        memset(lmp, 0, sizeof(*lmp));
        bsd_to_linux_ipc64_perm(&bmp->msg_perm, &lmp->l_msg_perm);
+       lmp->l_msg_cbytes = bmp->_msg_cbytes;
        lmp->l_msg_stime = bmp->msg_stime;
        lmp->l_msg_rtime = bmp->msg_rtime;
        lmp->l_msg_ctime = bmp->msg_ctime;
@@ -504,7 +508,6 @@
        bsp->shm_atime = lsp->l_shm_atime;
        bsp->shm_dtime = lsp->l_shm_dtime;
        bsp->shm_ctime = lsp->l_shm_ctime;
-       bsp->_shm_internal = lsp->l_private2;   /* XXX Oh well. */
 }
 
 void
@@ -519,13 +522,13 @@
        bsp->shm_atime = lsp->l_shm_atime;
        bsp->shm_dtime = lsp->l_shm_dtime;
        bsp->shm_ctime = lsp->l_shm_ctime;
-       bsp->_shm_internal = (void*)lsp->l___unused5;   /* XXX Oh well. */
 }
 
 void
 bsd_to_linux_shmid_ds(struct shmid_ds *bsp, struct linux_shmid_ds *lsp)
 {
 
+       memset(lsp, 0, sizeof *lsp);
        bsd_to_linux_ipc_perm(&bsp->shm_perm, &lsp->l_shm_perm);
        lsp->l_shm_segsz = bsp->shm_segsz;
        lsp->l_shm_lpid = bsp->shm_lpid;
@@ -534,12 +537,13 @@
        lsp->l_shm_atime = bsp->shm_atime;
        lsp->l_shm_dtime = bsp->shm_dtime;
        lsp->l_shm_ctime = bsp->shm_ctime;
-       lsp->l_private2 = bsp->_shm_internal;   /* XXX */
 }
 
 void
 bsd_to_linux_shmid64_ds(struct shmid_ds *bsp, struct linux_shmid64_ds *lsp)
 {
+
+       memset(lsp, 0, sizeof *lsp);
        bsd_to_linux_ipc64_perm(&bsp->shm_perm, &lsp->l_shm_perm);
        lsp->l_shm_segsz = bsp->shm_segsz;
        lsp->l_shm_lpid = bsp->shm_lpid;
@@ -548,7 +552,6 @@
        lsp->l_shm_atime = bsp->shm_atime;
        lsp->l_shm_dtime = bsp->shm_dtime;
        lsp->l_shm_ctime = bsp->shm_ctime;
-       lsp->l___unused5 = (u_long)bsp->_shm_internal;  /* XXX */
 }
 
 /*
diff -r 9c6bc86b1356 -r bda3f2bbea6a sys/compat/linux32/common/linux32_ipccall.c
--- a/sys/compat/linux32/common/linux32_ipccall.c       Thu Feb 21 01:20:45 2019 +0000
+++ b/sys/compat/linux32/common/linux32_ipccall.c       Thu Feb 21 03:37:18 2019 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: linux32_ipccall.c,v 1.11 2010/05/29 18:55:34 dholland Exp $ */
+/* $NetBSD: linux32_ipccall.c,v 1.12 2019/02/21 03:37:18 mrg Exp $ */
 
 /*
  * Copyright (c) 2008 Nicolas Joly
@@ -27,7 +27,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: linux32_ipccall.c,v 1.11 2010/05/29 18:55:34 dholland Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux32_ipccall.c,v 1.12 2019/02/21 03:37:18 mrg Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_sysv.h"
@@ -157,13 +157,14 @@
        default:
                return ENOSYS;
        }
-
 }
 
 #if defined(SYSVSEM) || defined (SYSVMSG) || defined(SYSVSHM)
 static void
 bsd_to_linux32_ipc_perm(struct ipc_perm *bpp, struct linux32_ipc_perm *lpp)
 {
+
+       memset(lpp, 0, sizeof *lpp);
        lpp->l_key = bpp->_key;
        lpp->l_uid = bpp->uid;
        lpp->l_gid = bpp->gid; 
@@ -176,6 +177,7 @@
 static void
 linux32_to_bsd_ipc_perm(struct linux32_ipc_perm *lpp, struct ipc_perm *bpp)
 {
+
        bpp->_key = lpp->l_key;
        bpp->uid = lpp->l_uid;
        bpp->gid = lpp->l_gid; 
@@ -188,6 +190,8 @@
 static void
 bsd_to_linux32_ipc64_perm(struct ipc_perm *bpp, struct linux32_ipc64_perm *lpp)
 {
+
+       memset(lpp, 0, sizeof *lpp);
        lpp->l_key = bpp->_key;
        lpp->l_uid = bpp->uid;
        lpp->l_gid = bpp->gid;
@@ -200,6 +204,7 @@
 static void
 linux32_to_bsd_ipc64_perm(struct linux32_ipc64_perm *lpp, struct ipc_perm *bpp)
 {
+
        bpp->_key = lpp->l_key;
        bpp->uid = lpp->l_uid;
        bpp->gid = lpp->l_gid;
@@ -214,16 +219,19 @@
 static void
 bsd_to_linux32_semid_ds(struct semid_ds *bsp, struct linux32_semid_ds *lsp)
 {
+
+       memset(lsp, 0, sizeof *lsp);
        bsd_to_linux32_ipc_perm(&bsp->sem_perm, &lsp->l_sem_perm);
        lsp->l_sem_otime = bsp->sem_otime;
        lsp->l_sem_ctime = bsp->sem_ctime;
        lsp->l_sem_nsems = bsp->sem_nsems;
-       NETBSD32PTR32(lsp->l_sem_base, bsp->_sem_base);
 }
 
 static void
 bsd_to_linux32_semid64_ds(struct semid_ds *bsp, struct linux32_semid64_ds *lsp)
 {
+
+       memset(lsp, 0, sizeof *lsp);
        bsd_to_linux32_ipc64_perm(&bsp->sem_perm, &lsp->l_sem_perm);
        lsp->l_sem_otime = bsp->sem_otime;
        lsp->l_sem_ctime = bsp->sem_ctime;
@@ -237,7 +245,6 @@
        bsp->sem_otime = lsp->l_sem_otime;
        bsp->sem_ctime = lsp->l_sem_ctime;
        bsp->sem_nsems = lsp->l_sem_nsems;
-       bsp->_sem_base = NETBSD32PTR64(lsp->l_sem_base);
 }
 
 static void
@@ -428,8 +435,6 @@
 
        memset(bmp, 0, sizeof(*bmp));
        linux32_to_bsd_ipc_perm(&lmp->l_msg_perm, &bmp->msg_perm);
-       bmp->_msg_first = NETBSD32PTR64(lmp->l_msg_first);
-       bmp->_msg_last = NETBSD32PTR64(lmp->l_msg_last);
        bmp->_msg_cbytes = lmp->l_msg_cbytes;
        bmp->msg_qnum = lmp->l_msg_qnum;
        bmp->msg_qbytes = lmp->l_msg_qbytes;
@@ -444,12 +449,11 @@
 linux32_to_bsd_msqid64_ds(struct linux32_msqid64_ds *lmp, struct msqid_ds *bmp)
 {
 
-       memset(bmp, 0, sizeof(*bmp));
        linux32_to_bsd_ipc64_perm(&lmp->l_msg_perm, &bmp->msg_perm);
+       bmp->_msg_cbytes = lmp->l_msg_cbytes;
        bmp->msg_stime = lmp->l_msg_stime;
        bmp->msg_rtime = lmp->l_msg_rtime;
        bmp->msg_ctime = lmp->l_msg_ctime;
-       bmp->_msg_cbytes = lmp->l_msg_cbytes;
        bmp->msg_qnum = lmp->l_msg_qnum;
        bmp->msg_qbytes = lmp->l_msg_qbytes;
        bmp->msg_lspid = lmp->l_msg_lspid;
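Review bot: The removed `memset(bmp, 0, sizeof(*bmp));` leaves `linux32_to_bsd_msqid64_ds` as the only converter in this file that does not clear its destination — its sibling `linux32_to_bsd_msqid_ds` (line 311) keeps the clear, and the linux_ipc.c counterpart (line 148) is unchanged by this commit. `_msg_first` and `_msg_last` are no longer assigned by the non-64 variant (lines 313-314) and do not appear to be assigned here either, so they and any padding now hold stale caller contents rather than zero; if the deletion was not deliberate, restore `memset(bmp, 0, sizeof(*bmp));` as the first statement, otherwise a short comment saying why this variant differs would help. The reordering of `_msg_cbytes` in the same hunk is cosmetic.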
@@ -462,8 +466,6 @@
 
        memset(lmp, 0, sizeof(*lmp));
        bsd_to_linux32_ipc_perm(&bmp->msg_perm, &lmp->l_msg_perm);
-       NETBSD32PTR32(lmp->l_msg_first, bmp->_msg_first);
-       NETBSD32PTR32(lmp->l_msg_last, bmp->_msg_last);
        lmp->l_msg_cbytes = bmp->_msg_cbytes;
        lmp->l_msg_qnum = bmp->msg_qnum;
        lmp->l_msg_qbytes = bmp->msg_qbytes;
@@ -480,10 +482,10 @@
 
        memset(lmp, 0, sizeof(*lmp));
        bsd_to_linux32_ipc64_perm(&bmp->msg_perm, &lmp->l_msg_perm);
+       lmp->l_msg_cbytes = bmp->_msg_cbytes;
        lmp->l_msg_stime = bmp->msg_stime;
        lmp->l_msg_rtime = bmp->msg_rtime;
        lmp->l_msg_ctime = bmp->msg_ctime;
-       lmp->l_msg_cbytes = bmp->_msg_cbytes;
        lmp->l_msg_qnum = bmp->msg_qnum;
        lmp->l_msg_qbytes = bmp->msg_qbytes;
        lmp->l_msg_lspid = bmp->msg_lspid;
@@ -550,6 +552,8 @@
 static void
 bsd_to_linux32_shmid_ds(struct shmid_ds *bsp, struct linux32_shmid_ds *lsp)
 {
+
+       memset(lsp, 0, sizeof *lsp);
        bsd_to_linux32_ipc_perm(&bsp->shm_perm, &lsp->l_shm_perm);
        lsp->l_shm_segsz = bsp->shm_segsz;
        lsp->l_shm_atime = bsp->shm_atime;


