Page MenuHomeFreeBSD
Differential D45731

stand: module: unlink the entire tail when dependencies fail to load
ClosedPublic
Actions

Authored by kevans on Tue, Jun 25, 4:07 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Jun 27, 2:10 PM
Unknown Object (File)
Wed, Jun 26, 4:26 PM
Unknown Object (File)
Tue, Jun 25, 8:38 PM
Subscribers
dab
sjg

Details

Reviewers
imp
tsoome
philip
manu
Commits
rG3da568710fde: stand: module: unlink the entire tail when dependencies fail to load
Summary

Assume you have loader configured to load linux64, which has a
dependency on both linux_common and mqueuefs but neither the kernel
nor kernel config in question have the mqueuefs module included.

When the load command for linux64 fails to find mqueuefs, it will
free both linux64 and linux_common as they were loaded first, but only
linux64 gets removed from the module list. As a result, future
traversals hit an easy use-after-free with linux_common.

Fix it so that we unlink the entire tail of the list. Anything after
the initially loaded module is, by definition, a dependency on the
loaded module while we're still in the load command, so we can just
discard the entire tail. If linux_common were loaded before linux64, it
should not move to a position during this load where it would suddenly
be missing from the view presented to the kernel.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kevans created this revision.Tue, Jun 25, 4:07 PM
Herald added a reviewer: manu. · View Herald TranscriptTue, Jun 25, 4:07 PM
Herald added a subscriber: dab. · View Herald Transcript
kevans requested review of this revision.Tue, Jun 25, 4:07 PM
Harbormaster completed remote builds in B58346: Diff 140225.Tue, Jun 25, 4:07 PM
kevans added a subscriber: sjg.Tue, Jun 25, 4:10 PM

I had this diff sitting in a branch for some reason but never sent it for review, but it fixes a problem recently observed again in the cluster. I think I wrote this in response to a similar scenario hit by @sjg back in March 2023, but I don't really have records of that.

imp accepted this revision.Tue, Jun 25, 4:11 PM

This looks good to me

This revision is now accepted and ready to land.Tue, Jun 25, 4:11 PM
philip accepted this revision.Tue, Jun 25, 4:19 PM

Looks good to me. Do you need me to test it on aarch64?

tsoome accepted this revision.Tue, Jun 25, 5:04 PM
kevans added a comment.Tue, Jun 25, 8:27 PM
In D45731#1043041, @philip wrote:

Looks good to me. Do you need me to test it on aarch64?

If you'd like to, but imo it's not strictly necessary

Closed by commit rG3da568710fde: stand: module: unlink the entire tail when dependencies fail to load (authored by kevans). · Explain WhyTue, Jun 25, 8:32 PM
This revision was automatically updated to reflect the committed changes.
kevans added a commit: rG3da568710fde: stand: module: unlink the entire tail when dependencies fail to load.

Revision Contents
Changeset List

PathSize
stand/
common/
31 lines

Diff 140240

View Options

stand/common/module.c

Loading...