Page MenuHomeFreeBSD
Differential D40519

oce(4): Don't directly access usespace
ClosedPublic
Actions

Authored by brooks on Jun 13 2023, 9:12 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Jun 22, 10:29 AM
Unknown Object (File)
Fri, Jun 21, 8:35 AM
Unknown Object (File)
Fri, Jun 21, 8:34 AM
Unknown Object (File)
Fri, Jun 21, 2:29 AM
Unknown Object (File)
Fri, Jun 21, 1:30 AM
Unknown Object (File)
Thu, Jun 20, 1:04 AM
Unknown Object (File)
Sun, Jun 16, 11:43 PM
Unknown Object (File)
Mar 21 2024, 12:42 PM
View All 25 Files
Subscribers
imp

Details

Reviewers
jhb
markj
emaste
Commits
rG9e752dae4ce1: oce(4): Don't directly access usespace
rG758927a982db: oce(4): Don't directly access usespace
Summary

Replace direct stores to userspace address (never safe and broken on
modern CPUs) with a copyout. Use a static assert on the size to ensure
we don't overflow the field.

Sponsored by: DARPA

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

brooks created this revision.Jun 13 2023, 9:12 PM
Herald added a subscriber: imp. · View Herald TranscriptJun 13 2023, 9:12 PM
brooks requested review of this revision.Jun 13 2023, 9:12 PM
Harbormaster completed remote builds in B52028: Diff 123172.Jun 13 2023, 9:12 PM
brooks added reviewers: jhb, markj, emaste.Jun 13 2023, 9:18 PM

This driver should probably be on the list of potential drivers to cull in 15. Other than quite a few bug fixes to ioctl handling it hasn't seen any non-sweeping commits since 2016.

emaste added a comment.Jun 13 2023, 10:36 PM

This driver should probably be on the list of potential drivers to cull in 15.

Probably - are you willing to add the man page deprecation notice and gone_in?

brooks added a comment.Jun 13 2023, 11:04 PM
In D40519#922646, @emaste wrote:

This driver should probably be on the list of potential drivers to cull in 15.

Probably - are you willing to add the man page deprecation notice and gone_in?

D40531

markj added inline comments.Jun 14 2023, 12:41 AM
sys/dev/oce/oce_if.c
2296

Probably we want to check for an error here? And not do anything if rc is already not equal to 0.

brooks updated this revision to Diff 123222.Jun 14 2023, 4:06 PM
  • Fix error returns
Harbormaster completed remote builds in B52052: Diff 123222.Jun 14 2023, 4:06 PM
markj added inline comments.Jun 14 2023, 4:16 PM
sys/dev/oce/oce_if.c
2282

Missing braces.

brooks updated this revision to Diff 123237.Jun 14 2023, 5:31 PM
  • Fix missing braces
Harbormaster completed remote builds in B52053: Diff 123237.Jun 14 2023, 5:31 PM
markj accepted this revision.Jun 14 2023, 5:37 PM
This revision is now accepted and ready to land.Jun 14 2023, 5:37 PM
jhb accepted this revision.Jun 14 2023, 11:17 PM
jhb added inline comments.
sys/dev/oce/oce_if.c
2296

rc is known to be zero here I think. If rc was non-zero up at line 2275 (new) we jump to the error label. Similarly the new goto at 2282 means that rc is known to be zero here.

brooks marked 2 inline comments as done.Jun 14 2023, 11:29 PM
brooks added inline comments.
sys/dev/oce/oce_if.c
2296

The previous version didn't check the copyout return (I'd blindly copied the strncpy). I chose a slightly different strategy since falling through is ok here.

Closed by commit rG758927a982db: oce(4): Don't directly access usespace (authored by brooks). · Explain WhyJun 15 2023, 4:36 PM
This revision was automatically updated to reflect the committed changes.
brooks marked an inline comment as done.
brooks added a commit: rG758927a982db: oce(4): Don't directly access usespace.
brooks added a commit: rG9e752dae4ce1: oce(4): Don't directly access usespace.Jul 20 2023, 8:45 PM

Revision Contents
Changeset List

PathSize
sys/
dev/
oce/
17 lines

Diff 123285

View Options

sys/dev/oce/oce_if.c

Loading...