Page MenuHomeFreeBSD
Differential D24753

vfs_exports: Tighten bounds and assert consistency of numsecflavors
ClosedPublic
Actions

Authored by freqlabs on May 7 2020, 10:33 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Apr 21, 5:39 AM
Unknown Object (File)
Sat, Apr 20, 10:57 AM
Unknown Object (File)
Mar 18 2024, 10:44 AM
Unknown Object (File)
Jan 31 2024, 8:46 PM
Unknown Object (File)
Jan 30 2024, 8:09 PM
Unknown Object (File)
Dec 30 2023, 5:44 AM
Unknown Object (File)
Dec 22 2023, 11:32 PM
Unknown Object (File)
Nov 15 2023, 9:04 AM
View All 21 Files
Subscribers
imp
mav

Details

Reviewers
rmacklem
Commits
rS361147: MFC r360900:
rS360900: vfs_exports: Tighten bounds and assert consistency of numsecflavors
Summary

We know the value must be greater than 0 and less than MAXSECFLAVORS.

Reject values outside this range in the initial check in vfs_export and add KASSERTs
in the later consumers.

Also check that we are called with one of either MNT_DELEXPORT or MNT_EXPORTED set.

Sponsored by: iXsystems, Inc.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

freqlabs created this revision.May 7 2020, 10:33 PM
Herald added a subscriber: imp. · View Herald TranscriptMay 7 2020, 10:33 PM
freqlabs requested review of this revision.May 7 2020, 10:33 PM
freqlabs added inline comments.May 8 2020, 4:53 PM
sys/kern/vfs_export.c
308 ↗(On Diff #71526)

This is actually a problem for MNT_DELEXPORT, where we don't use ex_numsecflavors and it is 0.

rmacklem added a comment.May 10 2020, 12:40 AM

After you have updated your patch, I'll look again.
Thanks for doing this, rick

sys/kern/vfs_export.c
120 ↗(On Diff #71526)

It might be better to make this a check that returns an
error instead of a KASSERT(). Although this can only
be done by "root", I'm not sure panicing because a
userland daemon does something bogus is what I'd do.
(You can printf(), so that the bogus case gets logged.)

308 ↗(On Diff #71526)

Yes, allowing 0 for the MNT_DELEXPORT case is correct.
I'd either just leave this code or add a check for MNT_DELEXPORT
and allow the 0 for that case, but not for MNT_EXPORTED.

freqlabs added inline comments.May 10 2020, 8:37 AM
sys/kern/vfs_export.c
120 ↗(On Diff #71526)

There should be no way for these asserts to fail, due to the check in vfs_export. Likewise for the KASSERTs in vfs_stdcheckexp. We should be able to assert these invariants, and should an assertion fail, something really has gone terribly wrong.

308 ↗(On Diff #71526)

I'll add a check that either MNT_DELEXPORT or MNT_EXPORTED is set, and when MNT_EXPORTED is set do the additional bounds check.

freqlabs updated this revision to Diff 71615.May 10 2020, 5:06 PM
freqlabs edited the summary of this revision. (Show Details)
rmacklem accepted this revision.May 10 2020, 10:18 PM
rmacklem added inline comments.
sys/kern/vfs_export.c
120 ↗(On Diff #71615)

Yes, you are correct. I was thinking vfs_hang_addrlist() was being called from
other places than after the sanity checks.

This revision is now accepted and ready to land.May 10 2020, 10:18 PM
Closed by commit rS360900: vfs_exports: Tighten bounds and assert consistency of numsecflavors (authored by freqlabs). · Explain WhyMay 11 2020, 3:39 PM
This revision was automatically updated to reflect the committed changes.
freqlabs added a commit: rS360900: vfs_exports: Tighten bounds and assert consistency of numsecflavors.
freqlabs added a commit: rS361147: MFC r360900:.May 18 2020, 12:33 AM

Revision Contents
Changeset List

PathSize
head/
sys/
kern/
20 lines

Diff 71637

View Options

head/sys/kern/vfs_export.c

Loading...