From nobody Fri Jan 26 21:05:11 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TM9FN2zfsz58qf1; Fri, 26 Jan 2024 21:05:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TM9FN0fvZz4NcZ; Fri, 26 Jan 2024 21:05:12 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1706303112; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6eGYilJTz5X8xJz0FYLP/CN81mVioF+p6xpXVmuTR9M=; b=K34ub2G69SIFLAi6fNIS2DVJ1v+t8I7psl9NKK8QCGV+v1uyB8lajZFYrnRMjELTaIoTic s9P1ZDk6uqHA559l/tGvFlP1Zn1126/FWjX6diSNhIH1qyHNQW4IqT15HWW6VIqLmfHvDR GTYqh5WoL0H7gYQBS9VVkO6AaOV1AV8k5H6IPTF/PatTWVzr4uu2PygaCIxXZ7ZEmJJeBo 8yyO4PcRiS5gCmQ7OClXVelFb9wb/+vjqKs4wPGC5M33H+UqPmEnKaB3Eu2ZNfp1mZ6DIJ W0WT8Mv1VcZ65Xnjwr3jqnP+SLjz5Kx6Q7hnD/5iaTD0TLK4f7e56jGxeLKb9A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1706303112; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6eGYilJTz5X8xJz0FYLP/CN81mVioF+p6xpXVmuTR9M=; b=XdM55kNwevIUfz9ew+YyIJApkHX6CZEsZoERq3Ds/LvMmvgJ8bncF9dRE1ilParcZaNUpm FfTmzIsVAz3Zn6ucBxUmZeQzkoLSF3nEhfpkh/qxdl6awpO4UIs3GvstuMneFe6v9qY6ws i0haKbBYzriDAhreo1MEDakYO6o1KNvEgn71O7ULmC9e3LUpk+rv6/XWibF3dwuG8MEBwZ qaMCoXWRGxwiONeEARr+z38TV90pmmAHJy96t/s+11IfGJFa0n0EwVrpeNJ+7KyR9+Y5hq DY7g7XNOb72JoOO2n7cm7zPgk5j6O2bv9oYcpvAniTN+K31sckgAjb2w6tx0JQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1706303112; a=rsa-sha256; cv=none; b=rySgz5UTguLJsAgq4pZYyuqxrTtWvPC0s3VNmwLe07pkKtikOqq+Z7p2+/+W1G2e1+VE1Q R/dvaDvFP9w3fP0K0Uf6l2DlsebPpLJurgBtsKLx2Oimz+nhxkj7WC1A/9wUI+mVJ81GeA 1V61Q5LE6AJ8/eJcBZj8xczD2XKS27T9y9JS8Q8uIyfANvK0Ltp8AqJLcx2b4SiAmdQb3Y AggpMsn4HUnjM6rg/SJHc1+ifnvCAtQhGJAp4sw03eTs35E6GOa+fmqpSQJkKNrlXr+yPv i5Kx05eeYhysvCepTpkVUC1eg4zdH6awj4SCtZBaOHbhuIx6KADjK7QQUzy2Og== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TM9FM6sLbzx2X; Fri, 26 Jan 2024 21:05:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 40QL5BRM084473; Fri, 26 Jan 2024 21:05:11 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 40QL5B1H084470; Fri, 26 Jan 2024 21:05:11 GMT (envelope-from git) Date: Fri, 26 Jan 2024 21:05:11 GMT Message-Id: <202401262105.40QL5B1H084470@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Olivier Certner Subject: git: b95b9505acf1 - stable/13 - pthread_attr_get_np(): Use malloc(), report ENOMEM, don't tamper on error List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: b95b9505acf176ca8b058286c74847f4a49856e9 Auto-Submitted: auto-generated The branch stable/13 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=b95b9505acf176ca8b058286c74847f4a49856e9 commit b95b9505acf176ca8b058286c74847f4a49856e9 Author: Olivier Certner AuthorDate: 2024-01-04 17:45:52 +0000 Commit: Olivier Certner CommitDate: 2024-01-26 21:04:39 +0000 pthread_attr_get_np(): Use malloc(), report ENOMEM, don't tamper on error Similarly as in the previous commit, using calloc() instead of malloc() is useless here in the regular case since the subsequent call to cpuset_getaffinify() is going to completely fill the allocated memory. However, there is an additional complication. This function tries to allocate memory to hold the cpuset if it previously wasn't, and does so before the thread lock is acquired, which can fail on a bad thread ID. In this case, it is necessary to deallocate the memory allocated in this function so that the attributes object appears unmodified to the caller when an error is returned. Without this, a subsequent call to pthread_attr_getaffinity_np() would expose uninitialized memory (not a security problem per se, since it comes from the same process) instead of returning a full mask as it would before the failing call to pthread_attr_get_np(). So the caller would be able to notice a change in the state of the attributes object even if pthread_attr_get_np() reported failure, which would be quite surprising. A similar problem that could occur on failure of cpuset_setaffinity() has been fixed. Finally, we shall always report memory allocation failure. This already goes for pthread_attr_init(), so, if for nothing else, just be consistent. Reviewed by: emaste, kib Approved by: emaste (mentor) MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D43329 (cherry picked from commit aadb4a1b3fd185d547087f6eafca6ce0b4df3291) Approved by: markj (mentor) --- lib/libthr/thread/thr_attr.c | 45 ++++++++++++++++++++++++----------------- lib/libthr/thread/thr_private.h | 2 -- 2 files changed, 27 insertions(+), 20 deletions(-) diff --git a/lib/libthr/thread/thr_attr.c b/lib/libthr/thread/thr_attr.c index 561037fa5eb4..3c03225c33cb 100644 --- a/lib/libthr/thread/thr_attr.c +++ b/lib/libthr/thread/thr_attr.c @@ -129,8 +129,9 @@ __weak_reference(_thr_attr_get_np, _pthread_attr_get_np); int _thr_attr_get_np(pthread_t pthread, pthread_attr_t *dstattr) { - struct pthread_attr attr, *dst; + struct pthread_attr *dst; struct pthread *curthread; + cpuset_t *cpuset; size_t kern_size; int error; @@ -138,35 +139,43 @@ _thr_attr_get_np(pthread_t pthread, pthread_attr_t *dstattr) return (EINVAL); kern_size = _get_kern_cpuset_size(); - if (dst->cpuset == NULL) { - dst->cpuset = calloc(1, kern_size); - dst->cpusetsize = kern_size; - } + if ((cpuset = malloc(kern_size)) == NULL) + return (ENOMEM); + } else + cpuset = dst->cpuset; curthread = _get_curthread(); /* Arg 0 is to include dead threads. */ if ((error = _thr_find_thread(curthread, pthread, 0)) != 0) - return (error); - - attr = pthread->attr; - if ((pthread->flags & THR_FLAGS_DETACHED) != 0) - attr.flags |= PTHREAD_DETACHED; + goto free_and_exit; error = cpuset_getaffinity(CPU_LEVEL_WHICH, CPU_WHICH_TID, TID(pthread), - dst->cpusetsize, dst->cpuset); - if (error == -1) + kern_size, cpuset); + if (error == -1) { + THR_THREAD_UNLOCK(curthread, pthread); error = errno; + goto free_and_exit; + } - THR_THREAD_UNLOCK(curthread, pthread); + /* + * From this point on, we can't fail, so we can start modifying 'dst'. + */ - if (error == 0) - memcpy(&dst->pthread_attr_start_copy, - &attr.pthread_attr_start_copy, - offsetof(struct pthread_attr, pthread_attr_end_copy) - - offsetof(struct pthread_attr, pthread_attr_start_copy)); + *dst = pthread->attr; + if ((pthread->flags & THR_FLAGS_DETACHED) != 0) + dst->flags |= PTHREAD_DETACHED; + THR_THREAD_UNLOCK(curthread, pthread); + + dst->cpuset = cpuset; + dst->cpusetsize = kern_size; return (0); + +free_and_exit: + if (dst->cpuset == NULL) + free(cpuset); + return (error); } __weak_reference(_thr_attr_getdetachstate, pthread_attr_getdetachstate); diff --git a/lib/libthr/thread/thr_private.h b/lib/libthr/thread/thr_private.h index 3475029f8996..3fc4d02c611e 100644 --- a/lib/libthr/thread/thr_private.h +++ b/lib/libthr/thread/thr_private.h @@ -261,7 +261,6 @@ struct pthread_atfork { }; struct pthread_attr { -#define pthread_attr_start_copy sched_policy int sched_policy; int sched_inherit; int prio; @@ -271,7 +270,6 @@ struct pthread_attr { void *stackaddr_attr; size_t stacksize_attr; size_t guardsize_attr; -#define pthread_attr_end_copy cpuset cpuset_t *cpuset; size_t cpusetsize; };