cvs commit: src/sys/kern kern_sysctl.c

Bruce Evans bde at zeta.org.au
Sun Oct 5 05:17:20 PDT 2003


On Sun, 5 Oct 2003, Don Lewis wrote:

> On  5 Oct, Bruce M Simpson wrote:
> > bms         2003/10/05 02:37:47 PDT
> >
> >   FreeBSD src repository
> >
> >   Modified files:
> >     sys/kern             kern_sysctl.c
> >   Log:
> >   Fix a security problem in sysctl() the long way round.
> >
> >   Use pre-emption detection to avoid the need for wiring a userland buffer
> >   when copying opaque data structures.
> >
> >   sysctl_wire_old_buffer() is now a no-op. Other consumers of this
> >   API should use pre-emption detection to notice update collisions.
>
> There are a number of consumers of sysctl_wire_old_buffer() that use it
> to avoid blocking while holding a mutex.  In general they call
> SYSCTL_OUT() multiple times while traversing a data structure.  They
> probably should have been fixed before neutering
> sysctl_wire_old_buffer().

I'm not happy with most of this set of changes.  The largest bug that
I noticed is that the implementation of retrying is quite broken.
SYSCTL_OUT() continues from the current position, so if a context
switch occurs then garbage output or a garbage errno is ensured by
attempting to fill the user buffer with multiple copies of the data.

Bruce
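
Added example, not part of the original message or of the FreeBSD source: a userspace C model of the retry problem described above, where output resumes at the current position after a detected pre-emption. `struct out_req`, `model_out()` and `copy_with_retry()` are hypothetical names, and the context switch is simulated with a flag.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Userspace model (assumption, not kernel code): output request with a position. */
struct out_req {
    char  *buf;   /* stand-in for the user buffer */
    size_t len;   /* capacity of buf */
    size_t off;   /* current output position */
};

/* Model of a copy-out call: appends at req->off; ENOMEM once the buffer is full. */
static int model_out(struct out_req *req, const char *src, size_t n)
{
    size_t room = req->len - req->off;
    size_t todo = n < room ? n : room;
    memcpy(req->buf + req->off, src, todo);
    req->off += todo;
    return todo < n ? ENOMEM : 0;
}

/* Copy src out in two halves; preempt_once simulates a context switch noticed
 * after the first half, forcing one retry. rewind == 0 resumes at the current
 * position (the broken case); rewind != 0 restarts from the saved position. */
static int copy_with_retry(struct out_req *req, const char *src, size_t n,
                           int preempt_once, int rewind)
{
    size_t start = req->off, half = n / 2;
    int error;
    for (;;) {
        if ((error = model_out(req, src, half)) != 0)
            return error;
        if (!preempt_once)
            return model_out(req, src + half, n - half);
        preempt_once = 0;            /* collision detected: retry */
        if (rewind)
            req->off = start;
    }
}

int main(void)
{
    char b[16] = {0};                /* constructed sample buffer */
    struct out_req r = { b, sizeof b - 1, 0 };
    int e = copy_with_retry(&r, "ABCDEFGH", 8, 1, 0);
    printf("error=%d out=%s\n", e, b);
    return 0;
}
```

With a buffer sized exactly for the data, the non-rewinding retry ends in ENOMEM; with a larger buffer it succeeds but the output holds a partial copy followed by a full one.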

