svn commit: r341491 - in stable/11/sys: amd64/amd64 amd64/ia32 arm/arm fs/procfs i386/i386 kern sparc64/sparc64

Tue Dec 4 19:07:13 UTC 2018

Author: markj
Date: Tue Dec  4 19:07:10 2018
New Revision: 341491
URL: https://svnweb.freebsd.org/changeset/base/341491

Log:
  MFC r341442, r341443:
  Plug memory disclosures via ptrace(2).

Modified:
  stable/11/sys/amd64/amd64/machdep.c
  stable/11/sys/amd64/ia32/ia32_reg.c
  stable/11/sys/arm/arm/machdep_kdb.c
  stable/11/sys/fs/procfs/procfs_dbregs.c
  stable/11/sys/fs/procfs/procfs_fpregs.c
  stable/11/sys/fs/procfs/procfs_regs.c
  stable/11/sys/i386/i386/machdep.c
  stable/11/sys/kern/sys_process.c
  stable/11/sys/sparc64/sparc64/machdep.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/sys/amd64/amd64/machdep.c
==============================================================================

--- stable/11/sys/amd64/amd64/machdep.c	Tue Dec  4 19:06:11 2018	(r341490)
+++ stable/11/sys/amd64/amd64/machdep.c	Tue Dec  4 19:07:10 2018	(r341491)
@@ -2025,6 +2025,7 @@ fill_regs(struct thread *td, struct reg *regs)
 int
 fill_frame_regs(struct trapframe *tp, struct reg *regs)
 {
+
 	regs->r_r15 = tp->tf_r15;
 	regs->r_r14 = tp->tf_r14;
 	regs->r_r13 = tp->tf_r13;
@@ -2056,6 +2057,8 @@ fill_frame_regs(struct trapframe *tp, struct reg *regs
 		regs->r_fs = 0;
 		regs->r_gs = 0;
 	}
+	regs->r_err = 0;
+	regs->r_trapno = 0;
 	return (0);
 }
 

Modified: stable/11/sys/amd64/ia32/ia32_reg.c
==============================================================================
--- stable/11/sys/amd64/ia32/ia32_reg.c	Tue Dec  4 19:06:11 2018	(r341490)
+++ stable/11/sys/amd64/ia32/ia32_reg.c	Tue Dec  4 19:07:10 2018	(r341491)
@@ -105,6 +105,8 @@ fill_regs32(struct thread *td, struct reg32 *regs)
 	regs->r_eflags = tp->tf_rflags;
 	regs->r_esp = tp->tf_rsp;
 	regs->r_ss = tp->tf_ss;
+	regs->r_err = 0;
+	regs->r_trapno = 0;
 	return (0);
 }
 

Modified: stable/11/sys/arm/arm/machdep_kdb.c
==============================================================================
--- stable/11/sys/arm/arm/machdep_kdb.c	Tue Dec  4 19:06:11 2018	(r341490)
+++ stable/11/sys/arm/arm/machdep_kdb.c	Tue Dec  4 19:07:10 2018	(r341491)
@@ -104,6 +104,7 @@ fill_regs(struct thread *td, struct reg *regs)
 	regs->r_cpsr = tf->tf_spsr;
 	return (0);
 }
+
 int
 fill_fpregs(struct thread *td, struct fpreg *regs)
 {
@@ -134,8 +135,11 @@ set_fpregs(struct thread *td, struct fpreg *regs)
 int
 fill_dbregs(struct thread *td, struct dbreg *regs)
 {
+
+	bzero(regs, sizeof(*regs));
 	return (0);
 }
+
 int
 set_dbregs(struct thread *td, struct dbreg *regs)
 {

Modified: stable/11/sys/fs/procfs/procfs_dbregs.c
==============================================================================
--- stable/11/sys/fs/procfs/procfs_dbregs.c	Tue Dec  4 19:06:11 2018	(r341490)
+++ stable/11/sys/fs/procfs/procfs_dbregs.c	Tue Dec  4 19:07:10 2018	(r341491)
@@ -112,8 +112,10 @@ procfs_doprocdbregs(PFS_FILL_ARGS)
 			return (EINVAL);
 		}
 		wrap32 = 1;
-	}
+		memset(&r32, 0, sizeof(r32));
+	} else
 #endif
+		memset(&r, 0, sizeof(r));
 	error = PROC(read, dbregs, td2, &r);
 	if (error == 0) {
 		PROC_UNLOCK(p);

Modified: stable/11/sys/fs/procfs/procfs_fpregs.c
==============================================================================
--- stable/11/sys/fs/procfs/procfs_fpregs.c	Tue Dec  4 19:06:11 2018	(r341490)
+++ stable/11/sys/fs/procfs/procfs_fpregs.c	Tue Dec  4 19:07:10 2018	(r341491)
@@ -102,7 +102,6 @@ procfs_doprocfpregs(PFS_FILL_ARGS)
 		return (EBUSY);
 	}
 
-	/* XXXKSE: */
 	td2 = FIRST_THREAD_IN_PROC(p);
 #ifdef COMPAT_FREEBSD32
 	if (SV_CURPROC_FLAG(SV_ILP32)) {
@@ -111,8 +110,10 @@ procfs_doprocfpregs(PFS_FILL_ARGS)
 			return (EINVAL);
 		}
 		wrap32 = 1;
-	}
+		memset(&r32, 0, sizeof(r32));
+	} else
 #endif
+		memset(&r, 0, sizeof(r));
 	error = PROC(read, fpregs, td2, &r);
 	if (error == 0) {
 		PROC_UNLOCK(p);

Modified: stable/11/sys/fs/procfs/procfs_regs.c
==============================================================================
--- stable/11/sys/fs/procfs/procfs_regs.c	Tue Dec  4 19:06:11 2018	(r341490)
+++ stable/11/sys/fs/procfs/procfs_regs.c	Tue Dec  4 19:07:10 2018	(r341491)
@@ -102,7 +102,6 @@ procfs_doprocregs(PFS_FILL_ARGS)
 		return (EBUSY);
 	}
 
-	/* XXXKSE: */
 	td2 = FIRST_THREAD_IN_PROC(p);
 #ifdef COMPAT_FREEBSD32
 	if (SV_CURPROC_FLAG(SV_ILP32)) {
@@ -111,8 +110,10 @@ procfs_doprocregs(PFS_FILL_ARGS)
 			return (EINVAL);
 		}
 		wrap32 = 1;
-	}
+		memset(&r32, 0, sizeof(r32));
+	} else
 #endif
+		memset(&r, 0, sizeof(r));
 	error = PROC(read, regs, td2, &r);
 	if (error == 0) {
 		PROC_UNLOCK(p);

Modified: stable/11/sys/i386/i386/machdep.c
==============================================================================
--- stable/11/sys/i386/i386/machdep.c	Tue Dec  4 19:06:11 2018	(r341490)
+++ stable/11/sys/i386/i386/machdep.c	Tue Dec  4 19:07:10 2018	(r341491)
@@ -2954,6 +2954,7 @@ fill_regs(struct thread *td, struct reg *regs)
 int
 fill_frame_regs(struct trapframe *tp, struct reg *regs)
 {
+
 	regs->r_fs = tp->tf_fs;
 	regs->r_es = tp->tf_es;
 	regs->r_ds = tp->tf_ds;
@@ -2969,6 +2970,8 @@ fill_frame_regs(struct trapframe *tp, struct reg *regs
 	regs->r_eflags = tp->tf_eflags;
 	regs->r_esp = tp->tf_esp;
 	regs->r_ss = tp->tf_ss;
+	regs->r_err = 0;
+	regs->r_trapno = 0;
 	return (0);
 }
 

Modified: stable/11/sys/kern/sys_process.c
==============================================================================
--- stable/11/sys/kern/sys_process.c	Tue Dec  4 19:06:11 2018	(r341490)
+++ stable/11/sys/kern/sys_process.c	Tue Dec  4 19:07:10 2018	(r341491)
@@ -541,6 +541,9 @@ struct ptrace_args {
  *   copyin(uap->addr, &r.reg32, sizeof r.reg32);
  * .. except this is done at runtime.
  */
+#define	BZERO(a, s)		wrap32 ? \
+	bzero(a ## 32, s ## 32) : \
+	bzero(a, s)
 #define	COPYIN(u, k, s)		wrap32 ? \
 	copyin(u, k ## 32, s ## 32) : \
 	copyin(u, k, s)
@@ -548,6 +551,7 @@ struct ptrace_args {
 	copyout(k ## 32, u, s ## 32) : \
 	copyout(k, u, s)
 #else
+#define	BZERO(a, s)		bzero(a, s)
 #define	COPYIN(u, k, s)		copyin(u, k, s)
 #define	COPYOUT(k, u, s)	copyout(k, u, s)
 #endif
@@ -573,7 +577,7 @@ sys_ptrace(struct thread *td, struct ptrace_args *uap)
 		struct ptrace_lwpinfo32 pl32;
 		struct ptrace_vm_entry32 pve32;
 #endif
-		char args[nitems(td->td_sa.args) * sizeof(register_t)];
+		char args[sizeof(td->td_sa.args)];
 		int ptevents;
 	} r;
 	void *addr;
@@ -590,11 +594,17 @@ sys_ptrace(struct thread *td, struct ptrace_args *uap)
 	addr = &r;
 	switch (uap->req) {
 	case PT_GET_EVENT_MASK:
+	case PT_LWPINFO:
+	case PT_GET_SC_ARGS:
+		break;
 	case PT_GETREGS:
+		BZERO(&r.reg, sizeof r.reg);
+		break;
 	case PT_GETFPREGS:
+		BZERO(&r.fpreg, sizeof r.fpreg);
+		break;
 	case PT_GETDBREGS:
-	case PT_LWPINFO:
-	case PT_GET_SC_ARGS:
+		BZERO(&r.dbreg, sizeof r.dbreg);
 		break;
 	case PT_SETREGS:
 		error = COPYIN(uap->addr, &r.reg, sizeof r.reg);
@@ -662,6 +672,7 @@ sys_ptrace(struct thread *td, struct ptrace_args *uap)
 }
 #undef COPYIN
 #undef COPYOUT
+#undef BZERO
 
 #ifdef COMPAT_FREEBSD32
 /*

Modified: stable/11/sys/sparc64/sparc64/machdep.c
==============================================================================
--- stable/11/sys/sparc64/sparc64/machdep.c	Tue Dec  4 19:06:11 2018	(r341490)
+++ stable/11/sys/sparc64/sparc64/machdep.c	Tue Dec  4 19:07:10 2018	(r341491)
@@ -1057,6 +1057,7 @@ fill_fpregs(struct thread *td, struct fpreg *fpregs)
 	bcopy(pcb->pcb_ufp, fpregs->fr_regs, sizeof(fpregs->fr_regs));
 	fpregs->fr_fsr = tf->tf_fsr;
 	fpregs->fr_gsr = tf->tf_gsr;
+	fpregs->fr_pad[0] = 0;
 	return (0);
 }
 
