Date: Fri, 20 Jan 2023 08:37:21 +0100
Message-ID: <20230120083721.Horde.w2KDmblCBL6A2zxfE-TrZbB@webmail.leidinger.net>
From: Alexander Leidinger
To: Alan Somers
Cc: "Danilo G. Baio", dev-commits-src-all@freebsd.org
Subject: Re: git: 2c24ad3377a6 - main - ifconfig: abort if loading a module fails other than for ENOENT
List-Id: Commit messages for all branches of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all

Quoting Alan Somers (from Thu, 19 Jan 2023 10:11:38 -0700):

> Ugh, it looks like kldload(2) is doing the privilege check before the
> file existence check. I'm not sure of the best solution:
> * Change kern_kldload to check for file existence first. This would
> ring some alarm bells among security folks, and it isn't totally easy
> to do, either.
> * Change ifconfig(8) to do an existence check of its own. This
> would be ugly.
> * Change ifconfig(8) so that it doesn't attempt to load modules when
> just listing an interface. This might be incomplete, but is probably
> worth doing anyway.

Isn't this affecting all ifconfig operations in a _vnet_ jail, not
only listing an interface?

Would it be sensible to revert the commit until there is a solution?

From a quick look I have the impression it makes sense to set noload
to true in a jail (in that case ifmaybeload returns and the problem
should go away).

Bye,
Alexander.

-- 
http://www.Leidinger.net Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF
http://www.FreeBSD.org netchild@FreeBSD.org : PGP 0x8F31830F9F2772BF
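
The check ordering discussed in this thread, as an added portable C model (not part of the message and not FreeBSD source). The names model_kldload and model_ifmaybeload, the enums, and the rule that a jailed caller lacks the module-load privilege are assumptions of the model; only the "abort unless ENOENT" rule and the noload short-circuit come from the thread.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* Model only: which check a kldload-like call performs first. */
enum check_order { PRIV_FIRST, EXISTENCE_FIRST };
enum outcome { CONTINUE, ABORT };

/*
 * Modelled module load; returns 0 or an errno value.
 * privileged is false inside a jail (assumption of this model).
 */
static int
model_kldload(bool privileged, bool exists, enum check_order order)
{
	if (order == PRIV_FIRST) {
		if (!privileged)
			return (EPERM);
		return (exists ? 0 : ENOENT);
	}
	if (!exists)
		return (ENOENT);
	return (privileged ? 0 : EPERM);
}

/* Modelled caller: skip when noload is set, abort on any error but ENOENT. */
static enum outcome
model_ifmaybeload(bool noload, bool privileged, bool exists,
    enum check_order order)
{
	int error;

	if (noload)
		return (CONTINUE);
	error = model_kldload(privileged, exists, order);
	return ((error != 0 && error != ENOENT) ? ABORT : CONTINUE);
}

static const char *
name(enum outcome o)
{
	return (o == ABORT ? "abort" : "continue");
}

int
main(void)
{
	/* Constructed cases: jailed caller (privileged = false). */
	printf("missing, privilege first:  %s\n", name(model_ifmaybeload(false, false, false, PRIV_FIRST)));
	printf("missing, existence first:  %s\n", name(model_ifmaybeload(false, false, false, EXISTENCE_FIRST)));
	printf("missing, noload set:       %s\n", name(model_ifmaybeload(true, false, false, PRIV_FIRST)));
	printf("present, existence first:  %s\n", name(model_ifmaybeload(false, false, true, EXISTENCE_FIRST)));
	return (0);
}
```

In this model, reordering the checks only helps when the module file is absent; a jailed caller with the file present still gets EPERM and aborts, while the noload path never reaches the load call.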