Module Name: src
Committed By: martin
Date: Sun Aug 15 09:27:50 UTC 2021
Modified Files:
src/sys/compat/common [netbsd-9]: vfs_syscalls_30.c vfs_syscalls_43.c
vfs_syscalls_50.c
Log Message:
Pull up following revision(s) (requested by christos in ticket #1337):
sys/compat/common/vfs_syscalls_43.c: revision 1.67
sys/compat/common/vfs_syscalls_50.c: revision 1.26
sys/compat/common/vfs_syscalls_30.c: revision 1.42
- memset struct stat to avoid kernel memory disclosure of padded fields
(thanks Trend Micro for the report)
- use do_fhstat
- consistency in argument order of compat functions
To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.38.4.1 src/sys/compat/common/vfs_syscalls_30.c
cvs rdiff -u -r1.64.4.1 -r1.64.4.2 src/sys/compat/common/vfs_syscalls_43.c
cvs rdiff -u -r1.23.2.1 -r1.23.2.2 src/sys/compat/common/vfs_syscalls_50.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/compat/common/vfs_syscalls_30.c
diff -u src/sys/compat/common/vfs_syscalls_30.c:1.38 src/sys/compat/common/vfs_syscalls_30.c:1.38.4.1
--- src/sys/compat/common/vfs_syscalls_30.c:1.38 Sun Jan 27 02:08:39 2019
+++ src/sys/compat/common/vfs_syscalls_30.c Sun Aug 15 09:27:50 2021
@@ -1,4 +1,4 @@
-/* $NetBSD: vfs_syscalls_30.c,v 1.38 2019/01/27 02:08:39 pgoyette Exp $ */
+/* $NetBSD: vfs_syscalls_30.c,v 1.38.4.1 2021/08/15 09:27:50 martin Exp $ */
/*-
* Copyright (c) 2005, 2008 The NetBSD Foundation, Inc.
@@ -29,7 +29,7 @@
* POSSIBILITY OF SUCH DAMAGE.
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_30.c,v 1.38 2019/01/27 02:08:39 pgoyette Exp $");
+__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_30.c,v 1.38.4.1 2021/08/15 09:27:50 martin Exp $");
#if defined(_KERNEL_OPT)
#include "opt_compat_netbsd.h"
@@ -61,8 +61,6 @@ __KERNEL_RCSID(0, "$NetBSD: vfs_syscalls
#include <compat/sys/dirent.h>
#include <compat/sys/mount.h>
-static void cvtstat(struct stat13 *, const struct stat *);
-
static const struct syscall_package vfs_syscalls_30_syscalls[] = {
{ SYS_compat_30___fhstat30, 0, (sy_call_t *)compat_30_sys___fhstat30 },
{ SYS_compat_30___fstat13, 0, (sy_call_t *)compat_30_sys___fstat13 },
@@ -83,6 +81,8 @@ static void
cvtstat(struct stat13 *ost, const struct stat *st)
{
+ /* Handle any padding. */
+ memset(ost, 0, sizeof(*ost));
ost->st_dev = st->st_dev;
ost->st_ino = (uint32_t)st->st_ino;
ost->st_mode = st->st_mode;
@@ -121,8 +121,7 @@ compat_30_sys___stat13(struct lwp *l,
if (error)
return error;
cvtstat(&osb, &sb);
- error = copyout(&osb, SCARG(uap, ub), sizeof (osb));
- return error;
+ return copyout(&osb, SCARG(uap, ub), sizeof(osb));
}
@@ -146,8 +145,7 @@ compat_30_sys___lstat13(struct lwp *l,
if (error)
return error;
cvtstat(&osb, &sb);
- error = copyout(&osb, SCARG(uap, ub), sizeof (osb));
- return error;
+ return copyout(&osb, SCARG(uap, ub), sizeof(osb));
}
/* ARGSUSED */
@@ -162,33 +160,12 @@ compat_30_sys_fhstat(struct lwp *l,
struct stat sb;
struct stat13 osb;
int error;
- struct compat_30_fhandle fh;
- struct mount *mp;
- struct vnode *vp;
-
- /*
- * Must be super user
- */
- if ((error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_FILEHANDLE,
- 0, NULL, NULL, NULL)))
- return (error);
- if ((error = copyin(SCARG(uap, fhp), &fh, sizeof(fh))) != 0)
- return (error);
-
- if ((mp = vfs_getvfs(&fh.fh_fsid)) == NULL)
- return (ESTALE);
- if (mp->mnt_op->vfs_fhtovp == NULL)
- return EOPNOTSUPP;
- if ((error = VFS_FHTOVP(mp, (struct fid*)&fh.fh_fid, &vp)))
- return (error);
- error = vn_stat(vp, &sb);
- vput(vp);
+ error = do_fhstat(l, SCARG(uap, fhp), sizeof(*SCARG(uap, fhp)), &sb);
if (error)
- return (error);
+ return error;
cvtstat(&osb, &sb);
- error = copyout(&osb, SCARG(uap, sb), sizeof(sb));
- return (error);
+ return copyout(&osb, SCARG(uap, sb), sizeof(osb));
}
/*
@@ -211,8 +188,7 @@ compat_30_sys___fstat13(struct lwp *l,
if (error)
return error;
cvtstat(&osb, &sb);
- error = copyout(&osb, SCARG(uap, sb), sizeof (osb));
- return error;
+ return copyout(&osb, SCARG(uap, sb), sizeof(osb));
}
/*
@@ -289,7 +265,7 @@ again:
bdp = (struct dirent *)inp;
reclen = bdp->d_reclen;
if (reclen & _DIRENT_ALIGN(bdp))
- panic("netbsd30_getdents: bad reclen %d", reclen);
+ panic("%s: bad reclen %d", __func__, reclen);
if (cookie)
off = *cookie++; /* each entry points to the next */
else
@@ -393,9 +369,8 @@ compat_30_sys_getfh(struct lwp *l, const
error = EINVAL;
}
if (error)
- return (error);
- error = copyout(&fh, SCARG(uap, fhp), sizeof(struct compat_30_fhandle));
- return (error);
+ return error;
+ return copyout(&fh, SCARG(uap, fhp), sizeof(fh));
}
/*
@@ -434,8 +409,7 @@ compat_30_sys___fhstat30(struct lwp *l,
if (error)
return error;
cvtstat(&osb, &sb);
- error = copyout(&osb, SCARG(uap_30, sb), sizeof (osb));
- return error;
+ return copyout(&osb, SCARG(uap_30, sb), sizeof(osb));
}
/* ARGSUSED */
Index: src/sys/compat/common/vfs_syscalls_43.c
diff -u src/sys/compat/common/vfs_syscalls_43.c:1.64.4.1 src/sys/compat/common/vfs_syscalls_43.c:1.64.4.2
--- src/sys/compat/common/vfs_syscalls_43.c:1.64.4.1 Thu Feb 27 19:00:05 2020
+++ src/sys/compat/common/vfs_syscalls_43.c Sun Aug 15 09:27:50 2021
@@ -1,4 +1,4 @@
-/* $NetBSD: vfs_syscalls_43.c,v 1.64.4.1 2020/02/27 19:00:05 martin Exp $ */
+/* $NetBSD: vfs_syscalls_43.c,v 1.64.4.2 2021/08/15 09:27:50 martin Exp $ */
/*
* Copyright (c) 1989, 1993
@@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_43.c,v 1.64.4.1 2020/02/27 19:00:05 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_43.c,v 1.64.4.2 2021/08/15 09:27:50 martin Exp $");
#if defined(_KERNEL_OPT)
#include "opt_compat_netbsd.h"
@@ -75,9 +75,6 @@ __KERNEL_RCSID(0, "$NetBSD: vfs_syscalls
#include <compat/common/compat_util.h>
#include <compat/common/compat_mod.h>
-static void cvttimespec(struct timespec *, struct timespec50 *);
-static void cvtstat(struct stat *, struct stat43 *);
-
static struct syscall_package vfs_syscalls_43_syscalls[] = {
{ SYS_compat_43_oquota, 0, (sy_call_t *)compat_43_sys_quota },
{ SYS_compat_43_stat43, 0, (sy_call_t *)compat_43_sys_stat },
@@ -96,7 +93,7 @@ static struct syscall_package vfs_syscal
* Convert from an old to a new timespec structure.
*/
static void
-cvttimespec(struct timespec *ts, struct timespec50 *ots)
+cvttimespec(struct timespec50 *ots, const struct timespec *ts)
{
if (ts->tv_sec > INT_MAX) {
@@ -120,11 +117,11 @@ cvttimespec(struct timespec *ts, struct
* Convert from an old to a new stat structure.
*/
static void
-cvtstat(struct stat *st, struct stat43 *ost)
+cvtstat(struct stat43 *ost, const struct stat *st)
{
/* Handle any padding. */
- memset(ost, 0, sizeof *ost);
+ memset(ost, 0, sizeof(*ost));
ost->st_dev = st->st_dev;
ost->st_ino = st->st_ino;
ost->st_mode = st->st_mode & 0xffff;
@@ -136,9 +133,9 @@ cvtstat(struct stat *st, struct stat43 *
ost->st_size = st->st_size;
else
ost->st_size = -2;
- cvttimespec(&st->st_atimespec, &ost->st_atimespec);
- cvttimespec(&st->st_mtimespec, &ost->st_mtimespec);
- cvttimespec(&st->st_ctimespec, &ost->st_ctimespec);
+ cvttimespec(&ost->st_atimespec, &st->st_atimespec);
+ cvttimespec(&ost->st_mtimespec, &st->st_mtimespec);
+ cvttimespec(&ost->st_ctimespec, &st->st_ctimespec);
ost->st_blksize = st->st_blksize;
ost->st_blocks = st->st_blocks;
ost->st_flags = st->st_flags;
@@ -162,10 +159,9 @@ compat_43_sys_stat(struct lwp *l, const
error = do_sys_stat(SCARG(uap, path), FOLLOW, &sb);
if (error)
- return (error);
- cvtstat(&sb, &osb);
- error = copyout((void *)&osb, (void *)SCARG(uap, ub), sizeof (osb));
- return (error);
+ return error;
+ cvtstat(&osb, &sb);
+ return copyout(&osb, SCARG(uap, ub), sizeof(osb));
}
/*
@@ -177,7 +173,7 @@ compat_43_sys_lstat(struct lwp *l, const
{
/* {
syscallarg(char *) path;
- syscallarg(struct ostat *) ub;
+ syscallarg(struct stat43 *) ub;
} */
struct vnode *vp, *dvp;
struct stat sb, sb1;
@@ -242,9 +238,8 @@ again:
sb.st_size = sb1.st_size;
sb.st_blocks = sb1.st_blocks;
}
- cvtstat(&sb, &osb);
- error = copyout((void *)&osb, (void *)SCARG(uap, ub), sizeof (osb));
- return (error);
+ cvtstat(&osb, &sb);
+ return copyout((void *)&osb, (void *)SCARG(uap, ub), sizeof (osb));
}
/*
@@ -258,18 +253,16 @@ compat_43_sys_fstat(struct lwp *l, const
syscallarg(int) fd;
syscallarg(struct stat43 *) sb;
} */
- struct stat ub;
- struct stat43 oub;
+ struct stat sb;
+ struct stat43 osb;
int error;
- error = do_sys_fstat(SCARG(uap, fd), &ub);
- if (error == 0) {
- cvtstat(&ub, &oub);
- error = copyout((void *)&oub, (void *)SCARG(uap, sb),
- sizeof (oub));
- }
+ error = do_sys_fstat(SCARG(uap, fd), &sb);
+ if (error)
+ return error;
- return (error);
+ cvtstat(&osb, &sb);
+ return copyout(&osb, SCARG(uap, sb), sizeof(osb));
}
@@ -292,7 +285,7 @@ compat_43_sys_ftruncate(struct lwp *l, c
SCARG(&nuap, fd) = SCARG(uap, fd);
SCARG(&nuap, length) = SCARG(uap, length);
- return (sys_ftruncate(l, &nuap, retval));
+ return sys_ftruncate(l, &nuap, retval);
}
/*
@@ -531,7 +524,7 @@ out1:
fd_putfile(SCARG(uap, fd));
if (error)
return error;
- return copyout(&loff, SCARG(uap, basep), sizeof(long));
+ return copyout(&loff, SCARG(uap, basep), sizeof(loff));
}
int
Index: src/sys/compat/common/vfs_syscalls_50.c
diff -u src/sys/compat/common/vfs_syscalls_50.c:1.23.2.1 src/sys/compat/common/vfs_syscalls_50.c:1.23.2.2
--- src/sys/compat/common/vfs_syscalls_50.c:1.23.2.1 Wed Dec 18 20:04:32 2019
+++ src/sys/compat/common/vfs_syscalls_50.c Sun Aug 15 09:27:50 2021
@@ -1,4 +1,4 @@
-/* $NetBSD: vfs_syscalls_50.c,v 1.23.2.1 2019/12/18 20:04:32 martin Exp $ */
+/* $NetBSD: vfs_syscalls_50.c,v 1.23.2.2 2021/08/15 09:27:50 martin Exp $ */
/*-
* Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -29,7 +29,7 @@
* POSSIBILITY OF SUCH DAMAGE.
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_50.c,v 1.23.2.1 2019/12/18 20:04:32 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_50.c,v 1.23.2.2 2021/08/15 09:27:50 martin Exp $");
#if defined(_KERNEL_OPT)
#include "opt_compat_netbsd.h"
@@ -75,8 +75,6 @@ __KERNEL_RCSID(0, "$NetBSD: vfs_syscalls
#include <compat/sys/dirent.h>
#include <compat/sys/mount.h>
-static void cvtstat(struct stat30 *, const struct stat *);
-
static const struct syscall_package vfs_syscalls_50_syscalls[] = {
{ SYS_compat_50___stat30, 0, (sy_call_t *)compat_50_sys___stat30 },
{ SYS_compat_50___fstat30, 0, (sy_call_t *)compat_50_sys___fstat30 },
@@ -101,6 +99,8 @@ static void
cvtstat(struct stat30 *ost, const struct stat *st)
{
+ /* Handle any padding. */
+ memset(ost, 0, sizeof(*ost));
ost->st_dev = st->st_dev;
ost->st_ino = st->st_ino;
ost->st_mode = st->st_mode;
@@ -139,8 +139,7 @@ compat_50_sys___stat30(struct lwp *l, co
if (error)
return error;
cvtstat(&osb, &sb);
- error = copyout(&osb, SCARG(uap, ub), sizeof (osb));
- return error;
+ return copyout(&osb, SCARG(uap, ub), sizeof(osb));
}
@@ -163,8 +162,7 @@ compat_50_sys___lstat30(struct lwp *l, c
if (error)
return error;
cvtstat(&osb, &sb);
- error = copyout(&osb, SCARG(uap, ub), sizeof (osb));
- return error;
+ return copyout(&osb, SCARG(uap, ub), sizeof(osb));
}
/*
@@ -186,8 +184,7 @@ compat_50_sys___fstat30(struct lwp *l, c
if (error)
return error;
cvtstat(&osb, &sb);
- error = copyout(&osb, SCARG(uap, sb), sizeof (osb));
- return error;
+ return copyout(&osb, SCARG(uap, sb), sizeof(osb));
}
/* ARGSUSED */
@@ -207,8 +204,7 @@ compat_50_sys___fhstat40(struct lwp *l,
if (error)
return error;
cvtstat(&osb, &sb);
- error = copyout(&osb, SCARG(uap, sb), sizeof (osb));
- return error;
+ return copyout(&osb, SCARG(uap, sb), sizeof(osb));
}
static int
