From: Mateusz Guzik
Date: Fri, 12 Jan 2018 23:37:51 +0100
Subject: Re: svn commit: r327888 - in head: cddl/contrib/opensolaris/cmd/dtrace/test/tst/common/safety cddl/contrib/opensolaris/lib/libdtrace/common cddl/usr.sbin/dtrace/tests/common/safety sys/cddl/contrib/ope...
To: Mark Johnston
Cc: src-committers, svn-src-all@freebsd.org, svn-src-head@freebsd.org

On Fri, Jan 12, 2018 at 8:59 PM, Mark Johnston wrote:
> Modified: head/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c > ============================================================ > ================== > --- head/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c > Fri Jan 12 18:44:28 2018 (r327887) > +++ head/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c > Fri Jan 12 19:59:46 2018 (r327888) 
> @@ -3654,6 +3654,24 @@ dtrace_dif_variable(dtrace_mstate_t *mstate, > dtrace_st > return (dtrace_dif_varstr( > (uintptr_t)curthread->t_procp->p_zone->zone_name, > state, mstate)); > +#elif defined(__FreeBSD__) > + /* > + * On FreeBSD, we introduce compatibility to zonename by falling > through > + * into jailname. > + */ > + case DIF_VAR_JAILNAME: > + if (!dtrace_priv_kernel(state)) > + return (0); > + > + return (dtrace_dif_varstr( > + (uintptr_t)curthread->t_procp- > >p_ucred->cr_prison->pr_name, > + state, mstate)); > + > Why t_procp? curthread->td_proc creds are what is used for permission checking and it rarely temporarily goes out of sync with proc's creds. However, if someone changes creds while this tracing is enabled this extra dereference risks accessing a freed object. On the other hand curthread creds are always safe to read. > + case DIF_VAR_JID: > + if (!dtrace_priv_kernel(state)) > + return (0); > + > + return ((uint64_t)curthread->t_procp- > >p_ucred->cr_prison->pr_id); > #else > return (0); > #endif >
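
Review bot: the DIF_VAR_JAILNAME and DIF_VAR_JID cases both reach the prison through curthread->t_procp->p_ucred, and no lock or credential reference is taken in the lines shown, so the process credential can be replaced and freed between the loads while the probe is firing. Read the prison through the current thread's own credential reference instead (td_ucred in FreeBSD's struct thread), and change both cases together, since the DIF_VAR_JID return repeats the same pointer chain as the DIF_VAR_JAILNAME one. The comment "falling through into jailname" would also be clearer if it named the case label that falls through, because the hunk only shows that case's return under the other branch of the #if.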