Date: Fri, 19 Dec 2025 15:59:17 +0000
From: Brooks Davis <brooks@FreeBSD.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject: git: a79e2278c58e - main - ipf: copy{in,out}ptr -> ipf_copy{in,out}_indirect
Message-ID: <69457655.46694.646dd290@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by brooks: URL: https://cgit.FreeBSD.org/src/commit/?id=a79e2278c58e1c59e12fbf39b5b3bf36629bfc87 commit a79e2278c58e1c59e12fbf39b5b3bf36629bfc87 Author: Brooks Davis <brooks@FreeBSD.org> AuthorDate: 2025-12-19 15:59:08 +0000 Commit: Brooks Davis <brooks@FreeBSD.org> CommitDate: 2025-12-19 15:59:08 +0000 ipf: copy{in,out}ptr -> ipf_copy{in,out}_indirect These functions take the source or destintation address indirectly from a potentially missaligned buffer. Rename them to refect this and to free up the copy{in,out}ptr names. Some of the code in question is dead code and doesn't or won't compile, but I've changed it all for consistency. NB: If the pointers are actually stored under aligned then this code is broken with CHERI. Reviewed by: cy Effort: CHERI upstreaming Sponsored by: Innovate UK Differential Revision: https://reviews.freebsd.org/D54232 --- sbin/ipf/ipftest/ip_fil.c | 4 ++-- sbin/ipf/libipf/interror.c | 4 ++-- sys/netpfil/ipfilter/netinet/fil.c | 8 ++++---- sys/netpfil/ipfilter/netinet/ip_auth.c | 5 +++-- sys/netpfil/ipfilter/netinet/ip_fil.h | 5 +++-- sys/netpfil/ipfilter/netinet/ip_proxy.c | 4 ++-- sys/netpfil/ipfilter/netinet/ip_scan.c | 4 ++-- 7 files changed, 18 insertions(+), 16 deletions(-) diff --git a/sbin/ipf/ipftest/ip_fil.c b/sbin/ipf/ipftest/ip_fil.c index 6df3bed8224e..72816a73327e 100644 --- a/sbin/ipf/ipftest/ip_fil.c +++ b/sbin/ipf/ipftest/ip_fil.c @@ -619,7 +619,7 @@ ipf_checkv6sum(fin) * See above for description, except that all addressing is in user space. */ int -copyoutptr(softc, src, dst, size) +ipf_copyout_indirect(softc, src, dst, size) void *src, *dst; size_t size; { @@ -635,7 +635,7 @@ copyoutptr(softc, src, dst, size) * See above for description, except that all addressing is in user space. */ int -copyinptr(src, dst, size) +ipf_copyin_indirect(src, dst, size) void *src, *dst; size_t size; { diff --git a/sbin/ipf/libipf/interror.c b/sbin/ipf/libipf/interror.c index a7e6f4a5e431..98f550b5e3ff 100644 --- a/sbin/ipf/libipf/interror.c +++ b/sbin/ipf/libipf/interror.c @@ -28,8 +28,8 @@ static ipf_error_entry_t *find_error(int); static ipf_error_entry_t ipf_errors[] = { { 1, "auth table locked/full" }, { 2, "" }, - { 3, "copyinptr received bad address" }, - { 4, "copyoutptr received bad address" }, + { 3, "ipf_copyin_indirect received bad address" }, + { 4, "ipf_copyout_indirect received bad address" }, { 5, "" }, { 6, "cannot load a rule with FR_T_BUILTIN flag set" }, { 7, "internal rule without FR_T_BUILDINT flag set" }, diff --git a/sys/netpfil/ipfilter/netinet/fil.c b/sys/netpfil/ipfilter/netinet/fil.c index 242affeff000..f8b8ffec7bdd 100644 --- a/sys/netpfil/ipfilter/netinet/fil.c +++ b/sys/netpfil/ipfilter/netinet/fil.c @@ -4051,7 +4051,7 @@ ipf_sync(ipf_main_softc_t *softc, void *ifp) * end up being unaligned) and on the kernel's local stack. */ /* ------------------------------------------------------------------------ */ -/* Function: copyinptr */ +/* Function: ipf_copyin_indirect */ /* Returns: int - 0 = success, else failure */ /* Parameters: src(I) - pointer to the source address */ /* dst(I) - destination address */ @@ -4062,7 +4062,7 @@ ipf_sync(ipf_main_softc_t *softc, void *ifp) /* NB: src - pointer to user space pointer, dst - kernel space pointer */ /* ------------------------------------------------------------------------ */ int -copyinptr(ipf_main_softc_t *softc, void *src, void *dst, size_t size) +ipf_copyin_indirect(ipf_main_softc_t *softc, void *src, void *dst, size_t size) { caddr_t ca; int error; @@ -4084,7 +4084,7 @@ copyinptr(ipf_main_softc_t *softc, void *src, void *dst, size_t size) /* ------------------------------------------------------------------------ */ -/* Function: copyoutptr */ +/* Function: ipf_copyout_indirect */ /* Returns: int - 0 = success, else failure */ /* Parameters: src(I) - pointer to the source address */ /* dst(I) - destination address */ @@ -4095,7 +4095,7 @@ copyinptr(ipf_main_softc_t *softc, void *src, void *dst, size_t size) /* NB: src - kernel space pointer, dst - pointer to user space pointer. */ /* ------------------------------------------------------------------------ */ int -copyoutptr(ipf_main_softc_t *softc, void *src, void *dst, size_t size) +ipf_copyout_indirect(ipf_main_softc_t *softc, void *src, void *dst, size_t size) { caddr_t ca; int error; diff --git a/sys/netpfil/ipfilter/netinet/ip_auth.c b/sys/netpfil/ipfilter/netinet/ip_auth.c index 13ae4d8ae54a..1611e7596623 100644 --- a/sys/netpfil/ipfilter/netinet/ip_auth.c +++ b/sys/netpfil/ipfilter/netinet/ip_auth.c @@ -1015,8 +1015,9 @@ ipf_auth_ioctlloop: for (t = auth.fra_buf; m && (len > 0); ) { i = MIN(M_LEN(m), len); - error = copyoutptr(softc, MTOD(m, char *), - &t, i); + error = ipf_copyout_indirect(softc, + MTOD(m, char *), + &t, i); len -= i; t += i; if (error != 0) { diff --git a/sys/netpfil/ipfilter/netinet/ip_fil.h b/sys/netpfil/ipfilter/netinet/ip_fil.h index 24d4f9695322..81ad50373fe9 100644 --- a/sys/netpfil/ipfilter/netinet/ip_fil.h +++ b/sys/netpfil/ipfilter/netinet/ip_fil.h @@ -1679,8 +1679,9 @@ extern char *getifname(struct ifnet *); extern int ipfattach(ipf_main_softc_t *); extern int ipfdetach(ipf_main_softc_t *); extern u_short ipf_cksum(u_short *, int); -extern int copyinptr(ipf_main_softc_t *, void *, void *, size_t); -extern int copyoutptr(ipf_main_softc_t *, void *, void *, size_t); +extern int ipf_copyin_indirect(ipf_main_softc_t *, void *, void *, size_t); +extern int ipf_copyout_indirect(ipf_main_softc_t *, void *, void *, + size_t); extern int ipf_fastroute(mb_t *, mb_t **, fr_info_t *, frdest_t *); extern int ipf_inject(fr_info_t *, mb_t *); extern int ipf_inobj(ipf_main_softc_t *, void *, ipfobj_t *, diff --git a/sys/netpfil/ipfilter/netinet/ip_proxy.c b/sys/netpfil/ipfilter/netinet/ip_proxy.c index 9fb6dbd2a9e1..c084b97c23d9 100644 --- a/sys/netpfil/ipfilter/netinet/ip_proxy.c +++ b/sys/netpfil/ipfilter/netinet/ip_proxy.c @@ -700,8 +700,8 @@ ipf_proxy_ioctl(ipf_main_softc_t *softc, caddr_t data, ioctlcmd_t cmd, IPFERROR(80003); error = ENOMEM; } else { - error = copyinptr(softc, ctl.apc_data, ptr, - ctl.apc_dsize); + error = ipf_copyin_indirect(softc, ctl.apc_data, + ptr, ctl.apc_dsize); if (error == 0) ctl.apc_data = ptr; } diff --git a/sys/netpfil/ipfilter/netinet/ip_scan.c b/sys/netpfil/ipfilter/netinet/ip_scan.c index 744824bdb325..89d2fca855a3 100644 --- a/sys/netpfil/ipfilter/netinet/ip_scan.c +++ b/sys/netpfil/ipfilter/netinet/ip_scan.c @@ -106,7 +106,7 @@ ipf_scan_add(caddr_t data) return (ENOMEM); } - err = copyinptr(data, isc, sizeof(*isc)); + err = ipf_copyin_indirect(data, isc, sizeof(*isc)); if (err) { KFREE(isc); return (err); @@ -150,7 +150,7 @@ ipf_scan_remove(caddr_t data) ipscan_t isc, *i; int err; - err = copyinptr(data, &isc, sizeof(isc)); + err = ipf_copyin_indirect(data, &isc, sizeof(isc)); if (err) return (err);help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69457655.46694.646dd290>