Date:      Fri, 12 Jan 2018 23:37:51 +0100
From:      Mateusz Guzik <mjguzik@gmail.com>
To:        Mark Johnston <markj@freebsd.org>
Cc:        src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org,  svn-src-head@freebsd.org
Subject:   Re: svn commit: r327888 - in head: cddl/contrib/opensolaris/cmd/dtrace/test/tst/common/safety cddl/contrib/opensolaris/lib/libdtrace/common cddl/usr.sbin/dtrace/tests/common/safety sys/cddl/contrib/ope...
Message-ID:  <CAGudoHHQGT_S5LS6QLMLbmGY2XZ1cCGHMi1-x3U7%2Bpkg3_=JVQ@mail.gmail.com>
In-Reply-To: <201801121959.w0CJxlaw010074@repo.freebsd.org>
References:  <201801121959.w0CJxlaw010074@repo.freebsd.org>

On Fri, Jan 12, 2018 at 8:59 PM, Mark Johnston <markj@freebsd.org> wrote:

> Modified: head/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
> ============================================================
> ==================
> --- head/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
> Fri Jan 12 18:44:28 2018        (r327887)
> +++ head/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
> Fri Jan 12 19:59:46 2018        (r327888)
> @@ -3654,6 +3654,24 @@ dtrace_dif_variable(dtrace_mstate_t *mstate,
> dtrace_st
>                 return (dtrace_dif_varstr(
>                     (uintptr_t)curthread->t_procp->p_zone->zone_name,
>                     state, mstate));
> +#elif defined(__FreeBSD__)
> +       /*
> +        * On FreeBSD, we introduce compatibility to zonename by falling
> through
> +        * into jailname.
> +        */
> +       case DIF_VAR_JAILNAME:
> +               if (!dtrace_priv_kernel(state))
> +                       return (0);
> +
> +               return (dtrace_dif_varstr(
> +                   (uintptr_t)curthread->t_procp-
> >p_ucred->cr_prison->pr_name,
> +                   state, mstate));
> +
>
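
Review bot: the jail name is read through curthread->t_procp->p_ucred->cr_prison->pr_name, that is through the process credential, which can be replaced and freed by a concurrent credential change while the probe fires; the thread's own credential, curthread->td_ucred->cr_prison->pr_name, is what the permission checks in this path rely on and remains valid for the thread's current kernel entry, so consider reading the prison from there instead. The fall-through from the zonename case that the comment describes would also benefit from an explicit /* FALLTHROUGH */ marker on the FreeBSD side so the intent survives later edits.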

Why t_procp? curthread->td_proc creds are what is used for permission checking and it rarely temporarily goes out of sync with proc's creds. However, if someone changes creds while this tracing is enabled this extra dereference risks accessing a freed object. On the other hand curthread creds are always safe to read.


> +       case DIF_VAR_JID:
> +               if (!dtrace_priv_kernel(state))
> +                       return (0);
> +
> +               return ((uint64_t)curthread->t_procp-
> >p_ucred->cr_prison->pr_id);
>  #else
>                 return (0);
>  #endif
>
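
Review bot: the same credential-lifetime concern as for the jail name above applies here, since pr_id is also reached via t_procp->p_ucred; reading it as curthread->td_ucred->cr_prison->pr_id would keep both new variables consistent and avoid dereferencing a process credential that may be swapped out under the probe. Returning 0 when dtrace_priv_kernel() fails follows the existing convention in this function (the #else branch returns 0 as well), so that part is fine as is.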
