Re: svn commit: r327888 - in head: cddl/contrib/opensolaris/cmd/dtrace/test/tst/common/safety cddl/contrib/opensolaris/lib/libdtrace/common cddl/usr.sbin/dtrace/tests/common/safety sys/cddl/contrib/ope...

Fri, 12 Jan 2018 14:38:10 -0800 

On Fri, Jan 12, 2018 at 8:59 PM, Mark Johnston <ma...@freebsd.org> wrote:

> Modified: head/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
> ============================================================
> ==================
> --- head/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
> Fri Jan 12 18:44:28 2018        (r327887)
> +++ head/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
> Fri Jan 12 19:59:46 2018        (r327888)
> @@ -3654,6 +3654,24 @@ dtrace_dif_variable(dtrace_mstate_t *mstate,
> dtrace_st
>                 return (dtrace_dif_varstr(
>                     (uintptr_t)curthread->t_procp->p_zone->zone_name,
>                     state, mstate));
> +#elif defined(__FreeBSD__)
> +       /*
> +        * On FreeBSD, we introduce compatibility to zonename by falling
> through
> +        * into jailname.
> +        */
> +       case DIF_VAR_JAILNAME:
> +               if (!dtrace_priv_kernel(state))
> +                       return (0);
> +
> +               return (dtrace_dif_varstr(
> +                   (uintptr_t)curthread->t_procp-
> >p_ucred->cr_prison->pr_name,
> +                   state, mstate));
> +
>

Why t_procp? curthread->td_proc creds are what is used for permission
checking and it
rarely temporarily goes out of sync with proc's creds. However, if someone
changes creds
while this tracing is enabled this extra dereference risks accessing a
freed object. On the
other hand curthread creads are always safe to read.


> +       case DIF_VAR_JID:
> +               if (!dtrace_priv_kernel(state))
> +                       return (0);
> +
> +               return ((uint64_t)curthread->t_procp-
> >p_ucred->cr_prison->pr_id);
>  #else
>                 return (0);
>  #endif
>
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Reply via email to