Date: Sun, 1 Sep 2024 14:10:02 GMT
Message-Id: <202409011410.481EA2H5002061@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Mark Johnston
Subject: git: 61295e098599 - main - dummymbuf: Avoid copyout of uninitialized memory from the sysctl handler

The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=61295e09859953cce5140daf9c2ff85b3feb0e74

commit 61295e09859953cce5140daf9c2ff85b3feb0e74
Author:     Mark Johnston
AuthorDate: 2024-08-31 01:19:09 +0000
Commit:     Mark Johnston
CommitDate: 2024-09-01 14:09:53 +0000

    dummymbuf: Avoid copyout of uninitialized memory from the sysctl handler

    If *rulesp was initially unset, we'll allocate a new buffer and pass it
    to sysctl_handle_string(), which copies the existing string out and then
    copies in the new string. We need to make sure the buffer containing
    the existing rules is initialized, otherwise we leak kernel memory to
    userspace.

    Fix some nearby style nits while here.

    Reported by: KMSAN
    Reviewed by: igoro, kp
    Fixes: 8aaffd78c0f5 ("Add dummymbuf module for testing purposes")
    Sponsored by: Klara, Inc.
    Differential Revision: https://reviews.freebsd.org/D46493
---
 sys/net/dummymbuf.c | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/sys/net/dummymbuf.c b/sys/net/dummymbuf.c
index 8c46421888ed..d4ba00b13235 100644
--- a/sys/net/dummymbuf.c
+++ b/sys/net/dummymbuf.c
@@ -74,7 +74,7 @@ dmb_sysctl_handle_rules(SYSCTL_HANDLER_ARGS) char **rulesp = (char **)arg1; if (req->newptr == NULL) { - // read only + /* read only */ DMB_RULES_SLOCK(); arg1 = *rulesp; if (arg1 == NULL) { @@ -84,10 +84,12 @@ dmb_sysctl_handle_rules(SYSCTL_HANDLER_ARGS) error = sysctl_handle_string(oidp, arg1, arg2, req); DMB_RULES_SUNLOCK(); } else { - // read and write + /* read and write */ DMB_RULES_XLOCK(); - if (*rulesp == NULL) - *rulesp = malloc(arg2, M_DUMMYMBUF_RULES, M_WAITOK); + if (*rulesp == NULL) { + *rulesp = malloc(arg2, M_DUMMYMBUF_RULES, + M_WAITOK | M_ZERO); + } arg1 = *rulesp; error = sysctl_handle_string(oidp, arg1, arg2, req); DMB_RULES_XUNLOCK(); @@ -99,8 +101,7 @@ dmb_sysctl_handle_rules(SYSCTL_HANDLER_ARGS) SYSCTL_PROC(_net_dummymbuf, OID_AUTO, rules, CTLTYPE_STRING | CTLFLAG_MPSAFE | CTLFLAG_RW | CTLFLAG_VNET, &VNET_NAME(dmb_rules), RULES_MAXLEN, dmb_sysctl_handle_rules, "A", - "{inet | inet6 | ethernet} {in | out} [ ];" - " ...;"); + "{inet | inet6 | ethernet} {in | out} []; ...;"); /* * Statistics
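
Review bot: The comment rewrite from "// read only" to "/* read only */" in the first hunk (and the matching "/* read and write */" change) is a style-only edit riding along with a kernel memory disclosure fix. Consider moving the style changes, together with the rejoined help string in the SYSCTL_PROC hunk, into a separate commit so that the change referenced by the Fixes: tag is the single functional line, which is easier to audit and to cherry-pick.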
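
Review bot: The new "M_WAITOK | M_ZERO" allocation in the "*rulesp == NULL" branch of the second hunk has no comment saying why the zeroing is required; the reason (sysctl_handle_string() copies the existing string out before copying the new one in) is recorded only in the commit message. A one-line comment above the malloc() call, such as "/* Zeroed: the old value is copied out to userspace before the new one is copied in. */", would keep a later cleanup from dropping M_ZERO as redundant and reintroducing the leak.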