On Tue, Aug 09, 2016 at 01:51:35AM +0200, Oliver Pinter wrote:
> (Added bdrewery to CC, since I'm talking with him on IRC.)
>
> On Tue, Aug 9, 2016 at 1:43 AM, Mark Johnston <ma...@freebsd.org> wrote:
> > On Tue, Aug 09, 2016 at 12:53:47AM +0200, Oliver Pinter wrote:
> >> Hi!
> >>
> >> Can you please MFC back this change 10-STABLE together with the
> >> following:
> >> https://github.com/HardenedBSD/hardenedBSD/commit/576619e564618bca3675db57580d8e1f76bd2ac7
> >>
> >> This issue is still exists on 10-STABLE, as you can test with the
> >> linked program from phabricator:
> >> https://people.freebsd.org/~mjg/reproducers/unp-gc-panic.c
> >
> > Hm, I don't think this could be MFCed directly. It changes the kernel
> > ABI by modifying the argument of dom_dispose(). This could be fixed in
> > stable/10 with a hack to call the unix domain socket code directly when
> > appropriate, which I think is preferable to the current state of things.
> > I'll look into it further.
>
> The question is how much external / out of tree components would use
> this ABI or how acceptable to break this ABI.
> I just grepped through the src tree for internal uses, and I found only these:
I don't think it's acceptable. This could be side-stepped with a hack:
if (pr->pr_domain->dom_family == AF_LOCAL)
unp_dispose_wrapper(so);
else if (pr->pr_flags & PR_RIGHTS && pr->pr_domain->dom_dispose != NULL)
(*pr->pr_domain->dom_dispose)(so->so_rcv.sb_mb);
...
So I'm inclined to just do that and avoid the issue.
>
> op@opn hardenedBSD.git> git grep dom_dispose
> share/doc/smm/18.net/6.t: int (*dom_dispose)(); /*
> dispose of internalized rights */
> share/man/man9/domain.9: void (*dom_dispose) /*
> dispose of internalized rights */
> sys/kern/uipc_debug.c: db_printf("dom_dispose: %p\n", d->dom_dispose);
> sys/kern/uipc_socket.c: if (pr->pr_flags & PR_RIGHTS &&
> pr->pr_domain->dom_dispose != NULL)
> sys/kern/uipc_socket.c: (*pr->pr_domain->dom_dispose)(so);
> sys/kern/uipc_socket.c: * dom_dispose() and sbrelease_internal() are
> an inlining of what was
> sys/kern/uipc_socket.c: * In order to avoid calling dom_dispose with
> the socket buffer mutex
> sys/kern/uipc_socket.c: if (pr->pr_flags & PR_RIGHTS &&
> pr->pr_domain->dom_dispose != NULL)
> sys/kern/uipc_socket.c: (*pr->pr_domain->dom_dispose)(&aso);
> sys/kern/uipc_usrreq.c: .dom_dispose = unp_dispose_so,
> sys/sys/domain.h: void (*dom_dispose) /* dispose of
> internalized rights */
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
