From nobody Wed Aug 24 17:36:01 2022
X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4MCYD204mDz4ZRQt;
	Wed, 24 Aug 2022 17:36:02 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4MCYD16P42z3DdR;
	Wed, 24 Aug 2022 17:36:01 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1661362561;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=ek4C1QlHsy5DK+au5mZt5rmd5FRuECYz2aKgqz2om+A=;
	b=u83KWqdp7Zw6HkXv8/dhpbwvdRbOWJNfKfudlvuk4KdZ6oRt6CVPnzZZMoJvEcpDWv16rE
	qCodlsXbXFA5SdNgFsDiDyD0Kd62L9zB2VOyKdGF6neneb3FulxL4D1BNAjpbYJHLAziMS
	EruSr0itbmsVUR2Zr2W2tgVl/ySQJFTOdrLgXzRzplG3ETawDOYJR0VNrVoYn36pKhuVTj
	xZLZy31ryCOgsA5xQ8/3oDA+gp/SVqncPmwpWSxJRD5GnsjL7hHzQJXCZqs34kmRG/eAQx
	BMIBkYtXC3tt8SZOCQ4MQMB9ORCjJqMmKH9Tia+XXuhsjJmaR0vEpu4K0DtCHA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4MCYD157CRzH9m;
	Wed, 24 Aug 2022 17:36:01 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 27OHa18R013300;
	Wed, 24 Aug 2022 17:36:01 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 27OHa1qW013299;
	Wed, 24 Aug 2022 17:36:01 GMT
	(envelope-from git)
Date: Wed, 24 Aug 2022 17:36:01 GMT
Message-Id: <202208241736.27OHa1qW013299@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: Brooks Davis <brooks@FreeBSD.org>
Subject: git: c46697b9cb97 - main - freebsd32_sendmsg: fix control message ABI
List-Id: Commit messages for the main branch of the src repository <dev-commits-src-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
List-Help: <mailto:dev-commits-src-main+help@freebsd.org>
List-Post: <mailto:dev-commits-src-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-main+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-main@freebsd.org
X-BeenThere: dev-commits-src-main@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: brooks
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: c46697b9cb97a14f61ac0a58758aab081b9e48c5
Auto-Submitted: auto-generated
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1661362561;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=ek4C1QlHsy5DK+au5mZt5rmd5FRuECYz2aKgqz2om+A=;
	b=aGjt0nPxrZaVwULBnML4AXPHCmYdx3h3vZe/oHbxVV6NgslYCexHcfMDPVjBUYwXyrhW0h
	3qhkkwj9WWcn1M3puXtEhD2uWWmAdAWcGjb4vrDbfAhHLptT2VqkEMvGPDpH4SqckBDfae
	jzqxJXjUex3MkXyBsURa1IZ9E7XMTszRT2X7Mn1eKJJQycFVtmRm6OudM28nZf0UJa6cI7
	8WJHdemXFLR9bzBZsFlV9eMXCPMv9ZoJf5zbAf4RqX86/D4MmhOqJBUZbPGvMzVlRupW5L
	XO50i9NYDfRTBGHty0lTStH+pqKoCMp48a0lqGzo2fMQoDlmAxMQKEAK6FAkKA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1661362561; a=rsa-sha256; cv=none;
	b=t4pR+g2MRAFQUOBOGwmAaCH99p7aK/ea+QROzpEt9a4CR2EX6J8msXJ/FvMUOJD/f+Bfic
	kZ3oY9ng21ug4bGAG4S4YBvjJIaGsGCvzcgAeKQZYMuNkwTdKNFWrhKKwq+0P9L8uZM3Tm
	/hrSYF9LrO5CcoDcGNLv0Z/8Vs2Ud5h5cuIc8eOVLBeAsnowN0OrP9AaTPdJVZLi2AIgkK
	vih2Nn7OcryUT1FXPkOmeAOWikZFwDbZntX/JmHUCz3VIqbOnZnGxOZ9GnSQoHfAUHelAc
	vzT5ZOp6WfOxebTiCgiri7UrcWmtSgSOFFQpvUGidJGrCoqcvssStlE1zxXKIQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
X-ThisMailContainsUnwantedMimeParts: N

The branch main has been updated by brooks:

URL: https://cgit.FreeBSD.org/src/commit/?id=c46697b9cb97a14f61ac0a58758aab081b9e48c5

commit c46697b9cb97a14f61ac0a58758aab081b9e48c5
Author:     Brooks Davis <brooks@FreeBSD.org>
AuthorDate: 2022-08-24 17:34:39 +0000
Commit:     Brooks Davis <brooks@FreeBSD.org>
CommitDate: 2022-08-24 17:34:39 +0000

    freebsd32_sendmsg: fix control message ABI
    
    When a freebsd32 caller uses all or most allowed space for control
    messages (MCLBYTES == 2K) then the message may no longer fit when
    the messages are padded for 64-bit alignment.  Historically we've just
    shrugged and said there is no ABI guarantee.  We ran into this on
    CheriBSD where a capsicumized 64-bit nm would fail when called with more
    than 64 files.
    
    Fix this by not gratutiously capping size of mbuf data we'll allocate
    to MCLBYTES and let m_get2 allocate up to MJUMPAGESIZE (4K or larger).
    Instead of hard-coding a length check, let m_get2 do it and check for a
    NULL return.
    
    Reviewed by:    markj, jhb, emaste
    Sponsored by:   DARPA, AFRL
    Differential Revision:  https://reviews.freebsd.org/D36322
---
 sys/compat/freebsd32/freebsd32_misc.c | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/sys/compat/freebsd32/freebsd32_misc.c b/sys/compat/freebsd32/freebsd32_misc.c
index d1c44a4f9952..b4c212ecd38d 100644
--- a/sys/compat/freebsd32/freebsd32_misc.c
+++ b/sys/compat/freebsd32/freebsd32_misc.c
@@ -1535,6 +1535,7 @@ freebsd32_copyin_control(struct mbuf **mp, caddr_t buf, u_int buflen)
 	u_int msglen, outlen;
 	int error;
 
+	/* Enforce the size limit of the native implementation. */
 	if (buflen > MCLBYTES)
 		return (EINVAL);
 
@@ -1570,20 +1571,20 @@ freebsd32_copyin_control(struct mbuf **mp, caddr_t buf, u_int buflen)
 		outlen += CMSG_ALIGN(sizeof(*cm)) +
 		    CMSG_ALIGN(msglen - FREEBSD32_ALIGN(sizeof(*cm)));
 	}
-	if (error == 0 && outlen > MCLBYTES) {
-		/*
-		 * XXXMJ This implies that the upper limit on 32-bit aligned
-		 * control messages is less than MCLBYTES, and so we are not
-		 * perfectly compatible.  However, there is no platform
-		 * guarantee that mbuf clusters larger than MCLBYTES can be
-		 * allocated.
-		 */
-		error = EINVAL;
-	}
 	if (error != 0)
 		goto out;
 
+	/*
+	 * Allocate up to MJUMPAGESIZE space for the re-aligned and
+	 * re-padded control messages.  This allows a full MCLBYTES of
+	 * 32-bit sized and aligned messages to fit and avoids an ABI
+	 * mismatch with the native implementation.
+	 */
 	m = m_get2(outlen, M_WAITOK, MT_CONTROL, 0);
+	if (m == NULL) {
+		error = EINVAL;
+		goto out;
+	}
 	m->m_len = outlen;
 	md = mtod(m, void *);