From nobody Tue Oct 26 02:37:10 2021 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 0A3D71810133; Tue, 26 Oct 2021 02:37:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4HdbZH2YN3z3Q5w; Tue, 26 Oct 2021 02:37:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 47F2F14758; Tue, 26 Oct 2021 02:37:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 19Q2bAw6039991; Tue, 26 Oct 2021 02:37:10 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 19Q2bAHH039990; Tue, 26 Oct 2021 02:37:10 GMT (envelope-from git) Date: Tue, 26 Oct 2021 02:37:10 GMT Message-Id: <202110260237.19Q2bAHH039990@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: a89f144b0da2 - stable/13 - sys_procctl(): use table data to do copyin/copyout List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: a89f144b0da250badd599e507977d8ee56e03d5b Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=a89f144b0da250badd599e507977d8ee56e03d5b commit a89f144b0da250badd599e507977d8ee56e03d5b Author: Konstantin Belousov AuthorDate: 2021-10-15 19:56:12 +0000 Commit: Konstantin Belousov CommitDate: 2021-10-26 02:26:27 +0000 sys_procctl(): use table data to do copyin/copyout (cherry picked from commit 56d5323b4d7d9ccbe1ca3e620400afd165519a12) --- sys/kern/kern_procctl.c | 210 ++++++++++++++++++++---------------------------- 1 file changed, 88 insertions(+), 122 deletions(-) diff --git a/sys/kern/kern_procctl.c b/sys/kern/kern_procctl.c index 06efcf0e8c74..7a88ef24d987 100644 --- a/sys/kern/kern_procctl.c +++ b/sys/kern/kern_procctl.c @@ -710,195 +710,161 @@ struct procctl_cmd_info { int lock_tree; bool one_proc : 1; bool esrch_is_einval : 1; + bool copyout_on_error : 1; + bool no_nonnull_data : 1; + int copyin_sz; + int copyout_sz; int (*exec)(struct thread *, struct proc *, void *); }; static const struct procctl_cmd_info procctl_cmds_info[] = { [PROC_SPROTECT] = { .lock_tree = SA_SLOCKED, .one_proc = false, - .esrch_is_einval = false, - .exec = protect_set, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = sizeof(int), .copyout_sz = 0, + .exec = protect_set, .copyout_on_error = false, }, [PROC_REAP_ACQUIRE] = { .lock_tree = SA_XLOCKED, .one_proc = true, - .esrch_is_einval = false, - .exec = reap_acquire, }, + .esrch_is_einval = false, .no_nonnull_data = true, + .copyin_sz = 0, .copyout_sz = 0, + .exec = reap_acquire, .copyout_on_error = false, }, [PROC_REAP_RELEASE] = { .lock_tree = SA_XLOCKED, .one_proc = true, - .esrch_is_einval = false, - .exec = reap_release, }, + .esrch_is_einval = false, .no_nonnull_data = true, + .copyin_sz = 0, .copyout_sz = 0, + .exec = reap_release, .copyout_on_error = false, }, [PROC_REAP_STATUS] = { .lock_tree = SA_SLOCKED, .one_proc = true, - .esrch_is_einval = false, - .exec = reap_status, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = 0, + .copyout_sz = sizeof(struct procctl_reaper_status), + .exec = reap_status, .copyout_on_error = false, }, [PROC_REAP_GETPIDS] = { .lock_tree = SA_SLOCKED, .one_proc = true, - .esrch_is_einval = false, - .exec = reap_getpids, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = sizeof(struct procctl_reaper_pids), + .copyout_sz = 0, + .exec = reap_getpids, .copyout_on_error = false, }, [PROC_REAP_KILL] = { .lock_tree = SA_SLOCKED, .one_proc = true, - .esrch_is_einval = false, - .exec = reap_kill, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = sizeof(struct procctl_reaper_kill), + .copyout_sz = sizeof(struct procctl_reaper_kill), + .exec = reap_kill, .copyout_on_error = true, }, [PROC_TRACE_CTL] = { .lock_tree = SA_SLOCKED, .one_proc = false, - .esrch_is_einval = false, - .exec = trace_ctl, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = sizeof(int), .copyout_sz = 0, + .exec = trace_ctl, .copyout_on_error = false, }, [PROC_TRACE_STATUS] = { .lock_tree = SA_UNLOCKED, .one_proc = true, - .esrch_is_einval = false, - .exec = trace_status, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = 0, .copyout_sz = sizeof(int), + .exec = trace_status, .copyout_on_error = false, }, [PROC_TRAPCAP_CTL] = { .lock_tree = SA_SLOCKED, .one_proc = false, - .esrch_is_einval = false, - .exec = trapcap_ctl, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = sizeof(int), .copyout_sz = 0, + .exec = trapcap_ctl, .copyout_on_error = false, }, [PROC_TRAPCAP_STATUS] = { .lock_tree = SA_UNLOCKED, .one_proc = true, - .esrch_is_einval = false, - .exec = trapcap_status, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = 0, .copyout_sz = sizeof(int), + .exec = trapcap_status, .copyout_on_error = false, }, [PROC_PDEATHSIG_CTL] = { .lock_tree = SA_UNLOCKED, .one_proc = true, - .esrch_is_einval = true, - .exec = pdeathsig_ctl, }, + .esrch_is_einval = true, .no_nonnull_data = false, + .copyin_sz = sizeof(int), .copyout_sz = 0, + .exec = pdeathsig_ctl, .copyout_on_error = false, }, [PROC_PDEATHSIG_STATUS] = { .lock_tree = SA_UNLOCKED, .one_proc = true, - .esrch_is_einval = true, - .exec = pdeathsig_status, }, + .esrch_is_einval = true, .no_nonnull_data = false, + .copyin_sz = 0, .copyout_sz = sizeof(int), + .exec = pdeathsig_status, .copyout_on_error = false, }, [PROC_ASLR_CTL] = { .lock_tree = SA_UNLOCKED, .one_proc = true, - .esrch_is_einval = false, - .exec = aslr_ctl, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = sizeof(int), .copyout_sz = 0, + .exec = aslr_ctl, .copyout_on_error = false, }, [PROC_ASLR_STATUS] = { .lock_tree = SA_UNLOCKED, .one_proc = true, - .esrch_is_einval = false, - .exec = aslr_status, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = 0, .copyout_sz = sizeof(int), + .exec = aslr_status, .copyout_on_error = false, }, [PROC_PROTMAX_CTL] = { .lock_tree = SA_UNLOCKED, .one_proc = true, - .esrch_is_einval = false, - .exec = protmax_ctl, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = sizeof(int), .copyout_sz = 0, + .exec = protmax_ctl, .copyout_on_error = false, }, [PROC_PROTMAX_STATUS] = { .lock_tree = SA_UNLOCKED, .one_proc = true, - .esrch_is_einval = false, - .exec = protmax_status, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = 0, .copyout_sz = sizeof(int), + .exec = protmax_status, .copyout_on_error = false, }, [PROC_STACKGAP_CTL] = { .lock_tree = SA_UNLOCKED, .one_proc = true, - .esrch_is_einval = false, - .exec = stackgap_ctl, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = sizeof(int), .copyout_sz = 0, + .exec = stackgap_ctl, .copyout_on_error = false, }, [PROC_STACKGAP_STATUS] = { .lock_tree = SA_UNLOCKED, .one_proc = true, - .esrch_is_einval = false, - .exec = stackgap_status, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = 0, .copyout_sz = sizeof(int), + .exec = stackgap_status, .copyout_on_error = false, }, [PROC_NO_NEW_PRIVS_CTL] = { .lock_tree = SA_SLOCKED, .one_proc = true, - .esrch_is_einval = false, - .exec = no_new_privs_ctl, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = sizeof(int), .copyout_sz = 0, + .exec = no_new_privs_ctl, .copyout_on_error = false, }, [PROC_NO_NEW_PRIVS_STATUS] = { .lock_tree = SA_UNLOCKED, .one_proc = true, - .esrch_is_einval = false, - .exec = no_new_privs_status, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = 0, .copyout_sz = sizeof(int), + .exec = no_new_privs_status, .copyout_on_error = false, }, [PROC_WXMAP_CTL] = { .lock_tree = SA_UNLOCKED, .one_proc = true, - .esrch_is_einval = false, - .exec = wxmap_ctl, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = sizeof(int), .copyout_sz = 0, + .exec = wxmap_ctl, .copyout_on_error = false, }, [PROC_WXMAP_STATUS] = { .lock_tree = SA_UNLOCKED, .one_proc = true, - .esrch_is_einval = false, - .exec = wxmap_status, }, + .esrch_is_einval = false, .no_nonnull_data = false, + .copyin_sz = 0, .copyout_sz = sizeof(int), + .exec = wxmap_status, .copyout_on_error = false, }, }; int sys_procctl(struct thread *td, struct procctl_args *uap) { - void *data; union { struct procctl_reaper_status rs; struct procctl_reaper_pids rp; struct procctl_reaper_kill rk; + int flags; } x; - int error, error1, flags, signum; + const struct procctl_cmd_info *cmd_info; + int error, error1; if (uap->com >= PROC_PROCCTL_MD_MIN) return (cpu_procctl(td, uap->idtype, uap->id, uap->com, uap->data)); - - switch (uap->com) { - case PROC_ASLR_CTL: - case PROC_PROTMAX_CTL: - case PROC_SPROTECT: - case PROC_STACKGAP_CTL: - case PROC_TRACE_CTL: - case PROC_TRAPCAP_CTL: - case PROC_NO_NEW_PRIVS_CTL: - case PROC_WXMAP_CTL: - error = copyin(uap->data, &flags, sizeof(flags)); - if (error != 0) - return (error); - data = &flags; - break; - case PROC_REAP_ACQUIRE: - case PROC_REAP_RELEASE: - if (uap->data != NULL) - return (EINVAL); - data = NULL; - break; - case PROC_REAP_STATUS: - data = &x.rs; - break; - case PROC_REAP_GETPIDS: - error = copyin(uap->data, &x.rp, sizeof(x.rp)); - if (error != 0) - return (error); - data = &x.rp; - break; - case PROC_REAP_KILL: - error = copyin(uap->data, &x.rk, sizeof(x.rk)); - if (error != 0) - return (error); - data = &x.rk; - break; - case PROC_ASLR_STATUS: - case PROC_PROTMAX_STATUS: - case PROC_STACKGAP_STATUS: - case PROC_TRACE_STATUS: - case PROC_TRAPCAP_STATUS: - case PROC_NO_NEW_PRIVS_STATUS: - case PROC_WXMAP_STATUS: - data = &flags; - break; - case PROC_PDEATHSIG_CTL: - error = copyin(uap->data, &signum, sizeof(signum)); + if (uap->com == 0 || uap->com >= nitems(procctl_cmds_info)) + return (EINVAL); + cmd_info = &procctl_cmds_info[uap->com]; + if (cmd_info->copyin_sz > 0) { + error = copyin(uap->data, &x, cmd_info->copyin_sz); if (error != 0) return (error); - data = &signum; - break; - case PROC_PDEATHSIG_STATUS: - data = &signum; - break; - default: + } else if (cmd_info->no_nonnull_data && uap->data != NULL) { return (EINVAL); } - error = kern_procctl(td, uap->idtype, uap->id, uap->com, data); - switch (uap->com) { - case PROC_REAP_STATUS: - if (error == 0) - error = copyout(&x.rs, uap->data, sizeof(x.rs)); - break; - case PROC_REAP_KILL: - error1 = copyout(&x.rk, uap->data, sizeof(x.rk)); + + error = kern_procctl(td, uap->idtype, uap->id, uap->com, &x); + + if (cmd_info->copyout_sz > 0 && (error == 0 || + cmd_info->copyout_on_error)) { + error1 = copyout(&x, uap->data, cmd_info->copyout_sz); if (error == 0) error = error1; - break; - case PROC_ASLR_STATUS: - case PROC_PROTMAX_STATUS: - case PROC_STACKGAP_STATUS: - case PROC_TRACE_STATUS: - case PROC_TRAPCAP_STATUS: - case PROC_NO_NEW_PRIVS_STATUS: - case PROC_WXMAP_STATUS: - if (error == 0) - error = copyout(&flags, uap->data, sizeof(flags)); - break; - case PROC_PDEATHSIG_STATUS: - if (error == 0) - error = copyout(&signum, uap->data, sizeof(signum)); - break; } return (error); }