From owner-freebsd-hackers@FreeBSD.ORG  Wed Feb 17 19:12:04 2010
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 8B7D11065670
	for <freebsd-hackers@freebsd.org>; Wed, 17 Feb 2010 19:12:04 +0000 (UTC)
	(envelope-from kostikbel@gmail.com)
Received: from mail.zoral.com.ua (mx0.zoral.com.ua [91.193.166.200])
	by mx1.freebsd.org (Postfix) with ESMTP id 7054C8FC3A
	for <freebsd-hackers@freebsd.org>; Wed, 17 Feb 2010 19:12:03 +0000 (UTC)
Received: from deviant.kiev.zoral.com.ua (root@deviant.kiev.zoral.com.ua
	[10.1.1.148])
	by mail.zoral.com.ua (8.14.2/8.14.2) with ESMTP id o1HJBueV012630
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Wed, 17 Feb 2010 21:11:56 +0200 (EET)
	(envelope-from kostikbel@gmail.com)
Received: from deviant.kiev.zoral.com.ua (kostik@localhost [127.0.0.1])
	by deviant.kiev.zoral.com.ua (8.14.3/8.14.3) with ESMTP id
	o1HJBufg022524; Wed, 17 Feb 2010 21:11:56 +0200 (EET)
	(envelope-from kostikbel@gmail.com)
Received: (from kostik@localhost)
	by deviant.kiev.zoral.com.ua (8.14.3/8.14.3/Submit) id o1HJBu80022523; 
	Wed, 17 Feb 2010 21:11:56 +0200 (EET)
	(envelope-from kostikbel@gmail.com)
X-Authentication-Warning: deviant.kiev.zoral.com.ua: kostik set sender to
	kostikbel@gmail.com using -f
Date: Wed, 17 Feb 2010 21:11:56 +0200
From: Kostik Belousov <kostikbel@gmail.com>
To: Fernando Apestegu?a <fernando.apesteguia@gmail.com>
Message-ID: <20100217191156.GP50403@deviant.kiev.zoral.com.ua>
References: <1bd550a01002171051n7117895avb5cf57fb7fbb9388@mail.gmail.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="z4D23EFnZpzTzcHd"
Content-Disposition: inline
In-Reply-To: <1bd550a01002171051n7117895avb5cf57fb7fbb9388@mail.gmail.com>
User-Agent: Mutt/1.4.2.3i
X-Virus-Scanned: clamav-milter 0.95.2 at skuns.kiev.zoral.com.ua
X-Virus-Status: Clean
X-Spam-Status: No, score=-4.4 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00
	autolearn=ham version=3.2.5
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
	skuns.kiev.zoral.com.ua
Cc: FreeBSD Hackers <freebsd-hackers@freebsd.org>
Subject: Re: linprocfs proc/pid/environ patch & list question
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Feb 2010 19:12:04 -0000


--z4D23EFnZpzTzcHd
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Feb 17, 2010 at 07:51:06PM +0100, Fernando Apestegu?a wrote:
> Hi,
>=20
> I have a small patch (against 8.0-RELEASE-p2) that _should_ implement
> the /proc/pid/environ file
> under linprocfs.
> However, it seems it does not work properly but I don't know what I'm
> doing wrong.
> Is this list the place to ask for help? I tried in the forums[1] but
> got no answer.
Putting aside any "does not work" questions, please see comment below.
>=20
> Don't we have a 'kernel newbies'-like list?
>=20
> Thanks in advance.
>=20
> [1] http://forums.freebsd.org/showthread.php?t=3D11329
>=20
> --- sys/compat/linprocfs/linprocfs.c.orig	2009-10-25 02:10:29.000000000 +=
0100
> +++ sys/compat/linprocfs/linprocfs.c	2010-02-16 19:38:36.000000000 +0100
> @@ -939,8 +939,38 @@
>  static int
>  linprocfs_doprocenviron(PFS_FILL_ARGS)
>  {
> +	int i, error;
> +	struct ps_strings pss;
> +	char **ps_envstr;
>=20
> -	sbuf_printf(sb, "doprocenviron\n%c", '\0');
> +	PROC_LOCK(p);
> +	if (p_cansee(td, p) !=3D 0)
> +		return (0);
> +	PROC_UNLOCK(p);
> +
> +	error =3D copyin((void *)p->p_sysent->sv_psstrings, &pss,
> +			                    sizeof(pss));
> +	if (error)
> +		return (error);
> +
> +	ps_envstr =3D malloc(pss.ps_nenvstr * sizeof(char *),
> +	    M_TEMP, M_WAITOK);
This is essentially "panic me" code.  ps_nenvstr is user-controlled,
and allows to specify arbitrary integers.

Even ignoring exhaustion of the kernel map, it can cause allocation of
big amount of physical memory. Note that execve(2) implementation uses
swappable memory to store arguments and environment strings passed from
vm spaces.

> +
> +	error =3D copyin((void *)pss.ps_envstr, ps_envstr,
> +	    pss.ps_nenvstr * sizeof(char *));
> +
> +	if (error) {
> +		free(ps_envstr, M_TEMP);
> +		return (error);
> +	}
> +
> +	/* NULL separated list of variable=3Dvalue pairs */
> +=09
> +	for (i =3D 0; i < pss.ps_nenvstr; i++) {
> +		sbuf_copyin(sb, ps_envstr[i], 0);
> +	}
> +
> +	free(ps_envstr, M_TEMP);
>  	return (0);
>  }
> _______________________________________________
> freebsd-hackers@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"

--z4D23EFnZpzTzcHd
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (FreeBSD)

iEYEARECAAYFAkt8P3sACgkQC3+MBN1Mb4i8vACg20L6f/ExO+ob4sDZo9T+mkuU
ktcAn0hWvo5P1EPTKH3H7DIOICFjo3yZ
=F2oo
-----END PGP SIGNATURE-----

--z4D23EFnZpzTzcHd--