Date: Sun, 22 Jun 2003 23:10:10 -0400 (EDT) From: Robert Watson <rwatson@freebsd.org> To: John-Mark Gurney <gurney_j@efn.org> Cc: arch@freebsd.org Subject: Re: make /dev/pci really readable Message-ID: <Pine.NEB.3.96L.1030622230853.47078A-100000@fledge.watson.org> In-Reply-To: <20030621011002.GG15336@funkthat.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 20 Jun 2003, John-Mark Gurney wrote: > John-Mark Gurney wrote this message on Mon, Jun 16, 2003 at 22:29 -0700: > > Bruce Evans wrote this message on Tue, Jun 17, 2003 at 12:36 +1000: > > > On Mon, 16 Jun 2003, Robert Watson wrote: > > > > It looks like (although I haven't tried), user processes can > > > > also cause the kernel to allocate unlimited amounts of kernel memory, > > > > which is another bit we probably need to tighten down. > > > > > > Much more serious. > > > > Yep, the pattern_buf is allocated, and in some cases a berak happens > > w/o freeing it. So there is a memory leak her. Will be fixed soon. > > Ok, I think I have a good patch. It's attached. Fixes the memory leak. > I have also fix the pci manpage to talk about the errors, but it isn't > included in the patch. Per my earlier and out-of-band comments, the /dev/pci code could use some further robustness improvements. In particular, make sure that the code is careful to validate all user arguments for sensibility, such as the issue regarding the allocation of unlimited amounts of kernel memory that I raised earlier. I think we're close to this being safe, but need to take it carefully. This code was clearly not designed to be exposed to untrusted users... Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1030622230853.47078A-100000>