From nobody Mon Dec 16 14:45:47 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YBjRc1cJ4z5hWR6; Mon, 16 Dec 2024 14:45:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4YBjRb5l9Sz4dRx; Mon, 16 Dec 2024 14:45:47 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1734360347; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=GbZGQnte3cQyhpuxCEf8twNwFXaRuy5TqW5+JscmXqg=; b=abFGhf8NmYMhjR6VdnbQY0nZ5kfrLIMzfDEfKT6RFFeCHhRwoym4OH2bn3zeFHQv/PqLFT zR4F+5PokVcUw4pV8Lu3zX2QpAr2XfP9cPfEM78Dro91yCYm0JPItLpbR7G484MeatUode bzxRU/6/pKQoDGeucD7GZ3oeWMfu77L8pxXHsmrhIAgF72uAKCVBlHT2JyUiBPOQvzXYnQ DUFdAKMfAC//74WSF5navmA3caF3gwNin2hiRoLXpMLGf3Siy6OcpLreDHUWJtUjVr1Dhd FnjNpDyMFg1DSouKhNFo3Q3dN0Bgvrq9tJkb2DjQmgEDOUk+058oJdgFcGWxtQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1734360347; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=GbZGQnte3cQyhpuxCEf8twNwFXaRuy5TqW5+JscmXqg=; b=NNJp1jnwZJLLrBmysc8qqVJYKSinuXGe78sSI1QD9QATWJL8T0Ir67V5sWDmYMuou7EBFE 0eBf9Nkdl8rbqKSy5Y0P9+0X3Uagux/FrtbPuEAvpysXa4C/CuWuBUOUou2IG0/o3wHlPa zH9CXxsg3C6PQNVJ7JcvQ+VN9x4JbNb+5fDRkegPHb30h0wx/J9GELsxl/0gIs1eKYKoKZ 2GiRvJIal08h3GUYcap8MQEdM038OaB+W9VobsAcHoXqfuGoxTpZpYkRRbUKt1rWgZIH1h bo4VXfpOzLkRSLP9jkWSNjKdQH1wwOwbHTBEBcEnSDjl/uqtugEqaNt/esGh7g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1734360347; a=rsa-sha256; cv=none; b=QCEZK+MTF5hHMQaypZUyOamn5g4wO3Ep+kKirVpq62c8uzfJl/bqEJqE9msH9vP16jwsBB zM/9Eoe6XuuNQCDBRO6lpGDY/1pFGUWtNNXaG2spv6PaZ333aKQOoeKlIboHtX8M4l770u 6Yr6/di5c3O9lCuRoh/nmiOrGu2k32ayu+xesRzNKb/dtolg5dvW3jJZLESivwdzuBC8m+ 3soETNQIOmPeoL2tCl/rvvV3RK9IbwDRaat/IunebXP20IwAnLJ+QH6gwSXae/pvmtjviC kUDjjkJ84BpFpDUb0q2O5HxBgcbfYpOyHw64fffrbP34w+6S/+WCiqFoUTAcpA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4YBjRb5MMPzxH8; Mon, 16 Dec 2024 14:45:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4BGEjlt2052916; Mon, 16 Dec 2024 14:45:47 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4BGEjlef052913; Mon, 16 Dec 2024 14:45:47 GMT (envelope-from git) Date: Mon, 16 Dec 2024 14:45:47 GMT Message-Id: <202412161445.4BGEjlef052913@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Olivier Certner Subject: git: 292c814931d9 - main - MAC/do: sysctl_rules(): Always copy the rules specification string List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 292c814931d975d56d5ffa7c3c85191d56a059c4 Auto-Submitted: auto-generated The branch main has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=292c814931d975d56d5ffa7c3c85191d56a059c4 commit 292c814931d975d56d5ffa7c3c85191d56a059c4 Author: Olivier Certner AuthorDate: 2024-07-03 12:52:38 +0000 Commit: Olivier Certner CommitDate: 2024-12-16 14:42:34 +0000 MAC/do: sysctl_rules(): Always copy the rules specification string We are not guaranteed that the 'rules' storage stays stable if we don't hold the prison lock. For this reason, always copy the specification string (under the lock). Reviewed by: bapt Approved by: markj (mentor) Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D47600 --- sys/security/mac_do/mac_do.c | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/sys/security/mac_do/mac_do.c b/sys/security/mac_do/mac_do.c index ed4c984ff559..94fe7b99fc9d 100644 --- a/sys/security/mac_do/mac_do.c +++ b/sys/security/mac_do/mac_do.c @@ -309,30 +309,22 @@ parse_and_set_rules(struct prison *const pr, const char *rules_string) static int sysctl_rules(SYSCTL_HANDLER_ARGS) { - char *new_string; + char *const buf = malloc(MAC_RULE_STRING_LEN, M_DO, M_WAITOK); struct prison *pr; struct rules *rules; int error; rules = find_rules(req->td->td_ucred->cr_prison, &pr); + strlcpy(buf, rules->string, MAC_RULE_STRING_LEN); prison_unlock(pr); - if (req->newptr == NULL) - return (sysctl_handle_string(oidp, rules->string, MAC_RULE_STRING_LEN, req)); - new_string = malloc(MAC_RULE_STRING_LEN, M_DO, - M_WAITOK|M_ZERO); - prison_lock(pr); - strlcpy(new_string, rules->string, MAC_RULE_STRING_LEN); - prison_unlock(pr); - - error = sysctl_handle_string(oidp, new_string, MAC_RULE_STRING_LEN, req); - if (error) + error = sysctl_handle_string(oidp, buf, MAC_RULE_STRING_LEN, req); + if (error != 0 || req->newptr == NULL) goto out; - error = parse_and_set_rules(pr, new_string); - + error = parse_and_set_rules(pr, buf); out: - free(new_string, M_DO); + free(buf, M_DO); return (error); }