From nobody Thu Jan 16 18:08:17 2025 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YYrSy0VYxz5kkZq; Thu, 16 Jan 2025 18:08:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4YYrSx42Ctz3RTy; Thu, 16 Jan 2025 18:08:17 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1737050897; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=EHwl0e7rlcS5uSSDm3RqfOCcyDQRlXzpE2X0L93kY38=; b=AfwL4xEy1/wIop3pV243HsWNPnBM45391DWlcm4ZpddU6MZ/dv8cW57b/YS56DeIqPCRf0 5s/Gbyd/yXWa8Maln26gkNdXidYGIYXqmagGWw556ZTckQiIFogAJjhNO2McJTurLU9Zhp pJl6fy+piYwy1haa2OmjvukvsMrSWeThFwAyb2uyq9Dvk2Mjv7fdEOwuC7iyIYVadSrEV7 0jgZE/ayva2HfUA856J+T/NcwwCTqNV6PbRq/e8jZJKN56KL8vLC/3imF1I3WiJ1xNaotL SJ8N7z2ac89sca6UpW2lLI/5LiXN3JiTJ0U8EyUXGqeAdOZYpeCksObv/VGXwA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1737050897; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=EHwl0e7rlcS5uSSDm3RqfOCcyDQRlXzpE2X0L93kY38=; b=R61Il2bzQAR9+OxeidLphWrGWqOe0JAV/X/pSfncrdzGezBE5OSr4GQhnNrdBIgc4CBuZy fdch40or6Jeu/iB+6OzUztcvpKEBubnhGMlKBLly+ux2WQW3xGVeBGgmoGY2EeGJne7GwP rzdjmB9Xh4Wy7qzl8M4nVsvo+99WQ23Wn56zqcsKZ9cTTiOx7ZTYu0DyZhckyw4uumzY+M 17+YCooOgD5KLLxTb91PFcUKxGRqVTkgBaVmEDsmj3rnkt/sPpyVEky8mLs0njx74U57QJ VyrdVcbnIBjpuz71ME0st77iJWk3203zfn/ZKh87e5qyRnV//5b4KsjZ7Qa9wQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1737050897; a=rsa-sha256; cv=none; b=k5IrC6mIrp/1Vc8ahEXvjoV8A5CWndRlOmuwAI+ag6aosuw2VBGZwsnrwLUdSFXTjKEGGA r9+1DqBA99Lxcn0mj6oayxnHHrwjQILW+Wbaw21kmufmqtQF7aMA5yEvGZ0xueHcdLybE5 CPM/f0B9FYYevzM5Yz3/5ay3EAbbTpmqi1BHZguHxEFefChgPQVV8B6gyxYzCfbcx8269H kOVAN4hvdnXmLBs+SVnJxF2euS1Cincz6kIKypFBCzokn7rNVJCBbeVDidwhSJVXiNiZTM sBOek0/NRU2eSJmmu8U5xWunermngNzpTUBeGOBfy0y8F5AooPKCRMjgchYdfA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4YYrSx3c4rzkN0; Thu, 16 Jan 2025 18:08:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 50GI8H6k091899; Thu, 16 Jan 2025 18:08:17 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 50GI8HSq091896; Thu, 16 Jan 2025 18:08:17 GMT (envelope-from git) Date: Thu, 16 Jan 2025 18:08:17 GMT Message-Id: <202501161808.50GI8HSq091896@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Olivier Certner Subject: git: 731dc8994cc8 - stable/14 - MAC: syscalls: mac_label_copyin(): 32-bit compatibility List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 731dc8994cc8a8bd31fe2cbfca7390fc7b1499bf Auto-Submitted: auto-generated The branch stable/14 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=731dc8994cc8a8bd31fe2cbfca7390fc7b1499bf commit 731dc8994cc8a8bd31fe2cbfca7390fc7b1499bf Author: Olivier Certner AuthorDate: 2024-12-02 10:23:18 +0000 Commit: Olivier Certner CommitDate: 2025-01-16 18:06:56 +0000 MAC: syscalls: mac_label_copyin(): 32-bit compatibility Needed by the upcoming setcred() system call. More generally, is a step on the way to support 32-bit compatibility for MAC-related system calls. Reviewed by: brooks Approved by: markj (mentor) MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D47878 (cherry picked from commit 3bdc5ba2ac760634056c66c3c98b6b3452258a5b) --- sys/security/mac/mac_syscalls.c | 50 ++++++++++++++++++++++++++++++++++++----- sys/security/mac/mac_syscalls.h | 7 ++++++ 2 files changed, 51 insertions(+), 6 deletions(-) diff --git a/sys/security/mac/mac_syscalls.c b/sys/security/mac/mac_syscalls.c index e97a7dc09700..26181781a394 100644 --- a/sys/security/mac/mac_syscalls.c +++ b/sys/security/mac/mac_syscalls.c @@ -46,6 +46,7 @@ #include "opt_mac.h" #include +#include #include #include #include @@ -79,6 +80,13 @@ static int kern___mac_get_path(struct thread *td, const char *path_p, static int kern___mac_set_path(struct thread *td, const char *path_p, struct mac *mac_p, int follow); +#ifdef COMPAT_FREEBSD32 +struct mac32 { + uint32_t m_buflen; /* size_t */ + uint32_t m_string; /* char * */ +}; +#endif + /* * Copyin a 'struct mac', including the string pointed to by 'm_string'. * @@ -86,16 +94,30 @@ static int kern___mac_set_path(struct thread *td, const char *path_p, * after use by calling free_copied_label() (which see). On success, 'u_string' * if not NULL is filled with the userspace address for 'u_mac->m_string'. */ -int -mac_label_copyin(const struct mac *const u_mac, struct mac *const mac, - char **const u_string) +static int +mac_label_copyin_impl(const void *const u_mac, struct mac *const mac, + char **const u_string, bool is_32bit) { char *buffer; int error; - error = copyin(u_mac, mac, sizeof(*mac)); - if (error != 0) - return (error); +#ifdef COMPAT_FREEBSD32 + if (is_32bit) { + struct mac32 mac32; + + error = copyin(u_mac, &mac32, sizeof(mac32)); + if (error != 0) + return (error); + + CP(mac32, *mac, m_buflen); + PTRIN_CP(mac32, *mac, m_string); + } else +#endif + { + error = copyin(u_mac, mac, sizeof(*mac)); + if (error != 0) + return (error); + } error = mac_check_structmac_consistent(mac); if (error != 0) @@ -116,12 +138,28 @@ mac_label_copyin(const struct mac *const u_mac, struct mac *const mac, return (0); } +int +mac_label_copyin(const struct mac *const u_mac, struct mac *const mac, + char **const u_string) +{ + return (mac_label_copyin_impl(u_mac, mac, u_string, false)); +} + void free_copied_label(const struct mac *const mac) { free(mac->m_string, M_MACTEMP); } +#ifdef COMPAT_FREEBSD32 +int +mac_label_copyin32(const struct mac32 *const u_mac, + struct mac *const mac, char **const u_string) +{ + return (mac_label_copyin_impl(u_mac, mac, u_string, true)); +} +#endif + int sys___mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) { diff --git a/sys/security/mac/mac_syscalls.h b/sys/security/mac/mac_syscalls.h index 37445eafe364..4efeaf300d31 100644 --- a/sys/security/mac/mac_syscalls.h +++ b/sys/security/mac/mac_syscalls.h @@ -23,6 +23,13 @@ int mac_label_copyin(const struct mac *const u_mac, struct mac *const mac, char **const u_string); void free_copied_label(const struct mac *const mac); +#ifdef COMPAT_FREEBSD32 +struct mac32; + +int mac_label_copyin32(const struct mac32 *const u_mac, + struct mac *const mac, char **const u_string); +#endif /* COMPAT_FREEBSD32 */ + int mac_set_proc_prepare(struct thread *const td, const struct mac *const mac, void **const mac_set_proc_data); int mac_set_proc_core(struct thread *const td, struct ucred *const newcred,