From: Robert Watson
Date: Sun, 22 Jun 2003 23:10:10 -0400 (EDT)
To: John-Mark Gurney
cc: arch@freebsd.org
Subject: Re: make /dev/pci really readable

On Fri, 20 Jun 2003, John-Mark Gurney wrote:

> John-Mark Gurney wrote this message on Mon, Jun 16, 2003 at 22:29 -0700:
> > Bruce Evans wrote this message on Tue, Jun 17, 2003 at 12:36 +1000:
> > > On Mon, 16 Jun 2003, Robert Watson wrote:
> > > > It looks like (although I haven't tried), user processes can
> > > > also cause the kernel to allocate unlimited amounts of kernel memory,
> > > > which is another bit we probably need to tighten down.
> > >
> > > Much more serious.
> >
> > Yep, the pattern_buf is allocated, and in some cases a break happens
> > w/o freeing it.  So there is a memory leak here.  Will be fixed soon.
>
> Ok, I think I have a good patch.  It's attached.  Fixes the memory leak.
> I have also fixed the pci manpage to talk about the errors, but it isn't
> included in the patch.

Per my earlier and out-of-band comments, the /dev/pci code could use some
further robustness improvements.  In particular, make sure that the code
is careful to validate all user arguments for sensibility, such as the
issue regarding the allocation of unlimited amounts of kernel memory that
I raised earlier.  I think we're close to this being safe, but need to
take it carefully.  This code was clearly not designed to be exposed to
untrusted users...

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Network Associates Laboratories
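
The two issues raised in this thread (a caller-controlled size driving an unbounded allocation, and pattern_buf leaking when a loop exits early), shown as an added example that is not part of the original message and is not the FreeBSD pci(4) code. It is a user-space model: apart from pattern_buf, every name, the 64-entry cap, the flag bits and the device table are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* User-space model with hypothetical names; not the FreeBSD pci(4) source. */
struct match_pat { uint32_t bus, dev, flags; };  /* flags: 1 = match bus, 2 = match dev */
struct conf_req {               /* fields an untrusted caller controls */
    const void *patterns;       /* caller's pattern array */
    size_t      pat_buf_len;    /* claimed size in bytes */
    uint32_t    num_patterns;   /* claimed element count */
};
#define MAX_PATTERNS 64u        /* assumed cap on caller-driven allocation */
#define PAT_FLAGS_OK 3u         /* only flag bits 1 and 2 are defined */
static const struct match_pat devs[] = { {0, 0, 0}, {0, 31, 0}, {2, 0, 0} }; /* constructed */
long live_allocs;               /* instrumentation so a test can detect a leak */

int handle_getconf(const struct conf_req *req, unsigned *nmatch)
{
    struct match_pat *pattern_buf = NULL;
    int error = 0;
    *nmatch = 0;
    /* Validate every caller-supplied value before it sizes an allocation. */
    if (req->num_patterns > MAX_PATTERNS ||
        req->pat_buf_len != (size_t)req->num_patterns * sizeof(*pattern_buf) ||
        (req->num_patterns > 0 && req->patterns == NULL))
        return EINVAL;
    if (req->num_patterns > 0) {
        if ((pattern_buf = malloc(req->pat_buf_len)) == NULL)
            return ENOMEM;
        live_allocs++;
        memcpy(pattern_buf, req->patterns, req->pat_buf_len); /* stands in for copyin() */
    }
    for (uint32_t i = 0; i < req->num_patterns; i++)
        if (pattern_buf[i].flags & ~PAT_FLAGS_OK) {
            error = EINVAL;     /* early exit after allocation: leave via cleanup */
            goto out;
        }
    for (size_t d = 0; d < sizeof(devs) / sizeof(devs[0]); d++) {
        int hit = (req->num_patterns == 0);   /* no patterns: every device matches */
        for (uint32_t i = 0; i < req->num_patterns && !hit; i++)
            hit = (!(pattern_buf[i].flags & 1) || pattern_buf[i].bus == devs[d].bus) &&
                  (!(pattern_buf[i].flags & 2) || pattern_buf[i].dev == devs[d].dev);
        *nmatch += hit;
    }
out:
    live_allocs -= (pattern_buf != NULL);
    free(pattern_buf);          /* single exit path, so no branch can skip the free */
    return error;
}
```
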