
ssh: pass 0 to procctl(2) to operate on self
Closed, Public

Authored by emaste on Jan 20 2022, 6:52 PM.

Details

Summary

As of f833ab9dd187 procctl(2) allows idtype P_PID with id = 0 as a shortcut for the calling process ID. The shortcut also bypasses the p_cansee / p_candebug test (since the process is able to act on itself.)

Use the id = 0 shortcut in ssh so that the self-procctl will succeed.

It's likely the case that procctl(2) should allow the self-operation with getpid(). This change is suitable for the base system where we can be certain we are running on a kernel with f833ab9dd187 (and id = 0 is preferable anyway).

Reported by: Shawn Webb
Sponsored by: The FreeBSD Foundation
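
An added example (not code from this revision or from OpenSSH) of the self-directed call the summary describes, with a read-back check. It assumes the command is `PROC_TRACE_CTL`, retries with `getpid()` if the id = 0 form fails, and carries a Linux `prctl(2)` branch only so the block also builds off FreeBSD; the function names are hypothetical.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
#if defined(__FreeBSD__)
#include <sys/procctl.h>
#elif defined(__linux__)
#include <sys/prctl.h>  /* assumption: Linux branch exists only to run off FreeBSD */
#endif

/* Make the calling process untraceable. Returns 0 on success, -1 on failure. */
int disable_self_tracing(void)
{
#if defined(__FreeBSD__)
    int arg = PROC_TRACE_CTL_DISABLE;
    /* id = 0 names the calling process; the kernel skips p_cansee/p_candebug. */
    if (procctl(P_PID, 0, PROC_TRACE_CTL, &arg) == 0)
        return 0;
    /* Assumed fallback for kernels that predate the id = 0 shortcut. */
    arg = PROC_TRACE_CTL_DISABLE;
    if (procctl(P_PID, getpid(), PROC_TRACE_CTL, &arg) == 0)
        return 0;
#elif defined(__linux__)
    if (prctl(PR_SET_DUMPABLE, 0UL) == 0)
        return 0;
#endif
    return -1;
}

/* Read the state back: 1 = tracing disabled, 0 = still allowed, -1 = unknown. */
int self_tracing_disabled(void)
{
#if defined(__FreeBSD__)
    int status = 0;
    /* PROC_TRACE_STATUS stores -1 when tracing has been disabled. */
    if (procctl(P_PID, 0, PROC_TRACE_STATUS, &status) == 0)
        return status == -1;
#elif defined(__linux__)
    int dumpable = prctl(PR_GET_DUMPABLE);
    if (dumpable >= 0)
        return dumpable == 0;
#endif
    return -1;
}

int main(void)
{
    if (disable_self_tracing() != 0) {
        perror("disable_self_tracing");
        return 1;
    }
    printf("tracing disabled: %d\n", self_tracing_disabled());
    return 0;
}
```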

Event Timeline

emaste created this revision.
This revision is now accepted and ready to land. Jan 20 2022, 11:27 PM

Could abandon this change if we change kern_procctl to skip the `error = cmd_info->need_candebug ? p_candebug(td, p) : p_cansee(td, p);` in the case that we're operating on ourselves.

The change in this review is good because it removes one syscall (not too big an achievement on its own, but still the right thing to do). Removing the unneeded calls in the kernel is also good IMO; we do not envision that a process can be stripped of debugging permissions to itself [I believe Windows allows such a thing].

This revision was automatically updated to reflect the committed changes.