Browse Source

Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master

* freebsd/12-stable/master:
  MFC r362169: libutil: Document function HISTORY within the manpages
  MFC r362165: Add a HISTORY section to ctime(3)
  MFC r362656:
  MFC r362646:
  MFC r362361, r362363: Add a helper function for validating VA ranges.
remotes/github/hardened/12-stable/master
HardenedBSD Sync Service 3 months ago
parent
commit
efd0b9a75a
27 changed files with 214 additions and 47 deletions
  1. +15
    -1
      bin/sh/tests/functional_test.sh
  2. +3
    -0
      contrib/netbsd-tests/kernel/t_sysv.c
  3. +27
    -0
      contrib/tzcode/stdtime/ctime.3
  4. +5
    -1
      lib/libutil/_secure_path.3
  5. +6
    -1
      lib/libutil/hexdump.3
  6. +6
    -1
      lib/libutil/kinfo_getallproc.3
  7. +5
    -0
      lib/libutil/kinfo_getfile.3
  8. +6
    -1
      lib/libutil/kinfo_getproc.3
  9. +6
    -1
      lib/libutil/kinfo_getvmmap.3
  10. +6
    -1
      lib/libutil/kinfo_getvmobject.3
  11. +6
    -1
      lib/libutil/login.conf.5
  12. +8
    -1
      lib/libutil/login_auth.3
  13. +19
    -1
      lib/libutil/login_cap.3
  14. +11
    -1
      lib/libutil/login_class.3
  15. +9
    -1
      lib/libutil/login_ok.3
  16. +11
    -1
      lib/libutil/login_times.3
  17. +7
    -1
      lib/libutil/login_tty.3
  18. +10
    -1
      lib/libutil/pidfile.3
  19. +4
    -1
      lib/libutil/pw_util.3
  20. +5
    -0
      lib/libutil/realhostname.3
  21. +5
    -0
      lib/libutil/trimdomain.3
  22. +9
    -1
      lib/libutil/uucplock.3
  23. +1
    -1
      sys/compat/linuxkpi/common/src/linux_page.c
  24. +1
    -4
      sys/vm/vm_fault.c
  25. +4
    -8
      sys/vm/vm_map.c
  26. +11
    -0
      sys/vm/vm_map.h
  27. +8
    -17
      sys/vm/vm_mmap.c

+ 15
- 1
bin/sh/tests/functional_test.sh View File

@@ -27,6 +27,7 @@
# $FreeBSD$

SRCDIR=$(atf_get_srcdir)
CATEGORY=$(basename ${SRCDIR})

check()
{
@@ -60,7 +61,20 @@ add_testcase()
esac

atf_test_case ${tc_escaped}
eval "${tc_escaped}_body() { check ${tc}; }"

if [ "$(atf_config_get ci false)" = "true" ]; then
case "${CATEGORY}/${tc}" in
execution/bg12.0)
eval "${tc_escaped}_body() { atf_skip 'https://bugs.freebsd.org/247559'; }"
;;
*)
eval "${tc_escaped}_body() { check ${tc}; }"
;;
esac
else
eval "${tc_escaped}_body() { check ${tc}; }"
fi

atf_add_test_case ${tc_escaped}
}



+ 3
- 0
contrib/netbsd-tests/kernel/t_sysv.c View File

@@ -210,6 +210,9 @@ ATF_TC_BODY(msg, tc)
int loop;
int c_status;

if (atf_tc_get_config_var_as_bool_wd(tc, "ci", false))
atf_tc_skip("https://bugs.freebsd.org/233649");

/*
* Install a SIGSYS handler so that we can exit gracefully if
* System V Message Queue support isn't in the kernel.


+ 27
- 0
contrib/tzcode/stdtime/ctime.3 View File

@@ -335,6 +335,33 @@ the time package contributed to Berkeley by
.An Arthur Olson
and which appeared in
.Bx 4.3 .
.Pp
The functions
.Fn asctime ,
.Fn gmtime ,
and
.Fn localtime
first appeared in
.At v5 ,
.Fn difftime
and
.Fn mktime
in
.Bx 4.3 Reno ,
and
.Fn timegm
and
.Fn timelocal
in SunOS 4.0.
.Pp
The functions
.Fn asctime_r ,
.Fn ctime_r ,
.Fn gmtime_r ,
and
.Fn localtime_r
have been available since
.Fx 8.0 .
.Sh BUGS
Except for
.Fn difftime ,


+ 5
- 1
lib/libutil/_secure_path.3 View File

@@ -19,7 +19,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd May 2, 1997
.Dd May 10, 2020
.Dt _SECURE_PATH 3
.Os
.Sh NAME
@@ -69,6 +69,10 @@ reason, at LOG_ERR priority.
Code from which this function was derived was contributed to the
.Fx
project by Berkeley Software Design, Inc.
The function
.Fn _secure_path
first appeared in
.Fx 2.2.5 .
.Sh BUGS
The checks carried out are rudimentary and no attempt is made
to eliminate race conditions between use of this function and


+ 6
- 1
lib/libutil/hexdump.3 View File

@@ -28,7 +28,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd March 21, 2017
.Dd May 8, 2020
.Dt HEXDUMP 3
.Os
.Sh NAME
@@ -83,6 +83,11 @@ Do not print the character values on each line.
.Sh SEE ALSO
.Xr ascii 7 ,
.Xr sbuf_hexdump 9
.Sh HISTORY
The
.Fn hexdump
function first appeared in
.Fx 6.4 .
.Sh AUTHORS
This manual page was written by
.An Scott Long .

+ 6
- 1
lib/libutil/kinfo_getallproc.3 View File

@@ -25,7 +25,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd May 27, 2015
.Dd May 8, 2020
.Dt KINFO_GETALLPROC 3
.Os
.Sh NAME
@@ -73,3 +73,8 @@ function returns
.Xr free 3 ,
.Xr malloc 3 ,
.Xr sysctl 3
.Sh HISTORY
The
.Fn kinfo_getallproc
function first appeared in
.Fx 8.3 .

+ 5
- 0
lib/libutil/kinfo_getfile.3 View File

@@ -78,3 +78,8 @@ function returns
.Xr kinfo_getvmmap 3 ,
.Xr malloc 3 ,
.Xr sysctl 3
.Sh HISTORY
The
.Fn kinfo_getfile
function first appeared in
.Fx 7.0 .

+ 6
- 1
lib/libutil/kinfo_getproc.3 View File

@@ -25,7 +25,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd May 27, 2015
.Dd May 10, 2020
.Dt KINFO_GETPROC 3
.Os
.Sh NAME
@@ -72,3 +72,8 @@ function returns
.Xr free 3 ,
.Xr malloc 3 ,
.Xr sysctl 3
.Sh HISTORY
The
.Fn kinfo_getproc
function first appeared in
.Fx 7.0 .

+ 6
- 1
lib/libutil/kinfo_getvmmap.3 View File

@@ -25,7 +25,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd August 18, 2017
.Dd May 10, 2020
.Dt KINFO_GETVMMAP 3
.Os
.Sh NAME
@@ -84,3 +84,8 @@ function returns
.Xr free 3 ,
.Xr kinfo_getfile 3 ,
.Xr malloc 3
.Sh HISTORY
The
.Fn kinfo_getvmmap
function first appeared in
.Fx 7.0 .

+ 6
- 1
lib/libutil/kinfo_getvmobject.3 View File

@@ -25,7 +25,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd May 27, 2015
.Dd May 20, 2020
.Dt KINFO_GETVMOBJECT 3
.Os
.Sh NAME
@@ -72,3 +72,8 @@ function returns
.Xr free 3 ,
.Xr kinfo_getvmmap 3 ,
.Xr malloc 3
.Sh HISTORY
The
.Fn kinfo_getvmobject
function first appeared in
.Fx 10.2 .

+ 6
- 1
lib/libutil/login.conf.5 View File

@@ -19,7 +19,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd January 19, 2020
.Dd May 10, 2020
.Dt LOGIN.CONF 5
.Os
.Sh NAME
@@ -471,3 +471,8 @@ lists.
.Xr ttys 5 ,
.Xr ftpd 8 ,
.Xr pam_passwdqc 8
.Sh HISTORY
The file
.Nm
first appeared in
.Fx 2.1.5 .

+ 8
- 1
lib/libutil/login_auth.3 View File

@@ -19,7 +19,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd December 29, 1996
.Dd May 10, 2020
.Dt LOGIN_AUTH 3
.Os
.Sh NAME
@@ -70,3 +70,10 @@ by
.Xr login_class 3 ,
.Xr login.conf 5 ,
.Xr termcap 5
.Sh HISTORY
The functions
.Fn auth_checknologin
and
.Fn auth_cat
first appeared in
.Fx 2.1.5 .

+ 19
- 1
lib/libutil/login_cap.3 View File

@@ -19,7 +19,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd June 14, 2007
.Dd May 10, 2020
.Dt LOGIN_CAP 3
.Os
.Sh NAME
@@ -577,3 +577,21 @@ is returned to indicate this.
.Xr login_class 3 ,
.Xr login.conf 5 ,
.Xr termcap 5
.Sh HISTORY
The functions
.Fn login_close ,
.Fn login_getcapbool ,
.Fn login_getcaplist ,
.Fn login_getcapnum ,
.Fn login_getcapstr ,
.Fn login_getcapsize ,
.Fn login_getcaptime ,
.Fn login_getclass ,
.Fn login_getclassbyname ,
.Fn login_getpwclass ,
.Fn login_getstyle ,
.Fn login_getuserclass
and
.Fn login_setcryptfmt
first appeared in
.Fx 2.1.5 .

+ 11
- 1
lib/libutil/login_class.3 View File

@@ -19,7 +19,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd March 24, 2011
.Dd May 10, 2020
.Dt LOGIN_CLASS 3
.Os
.Sh NAME
@@ -221,3 +221,13 @@ with LOG_ERR priority and directed to the currently active facility.
.Xr mac_set_proc 3 ,
.Xr login.conf 5 ,
.Xr termcap 5
.Sh HISTORY
The functions
.Fn setclasscontext ,
.Fn setclasscpumask ,
.Fn setclassenvironment ,
.Fn setclassresources
and
.Fn setusercontext
first appeared in
.Fx 2.1.5 .

+ 9
- 1
lib/libutil/login_ok.3 View File

@@ -19,7 +19,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd January 2, 1997
.Dd May 10, 2020
.Dt LOGIN_OK 3
.Os
.Sh NAME
@@ -140,3 +140,11 @@ access list.
.Xr login_times 3 ,
.Xr login.conf 5 ,
.Xr termcap 5
.Sh HISTORY
The functions
.Fn auth_ttyok ,
.Fn auth_hostok
and
.Fn auth_timeok
functions first appeared in
.Fx 2.1.5 .

+ 11
- 1
lib/libutil/login_times.3 View File

@@ -19,7 +19,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd October 20, 2008
.Dd May 10, 2020
.Dt LOGIN_TIMES 3
.Os
.Sh NAME
@@ -177,3 +177,13 @@ time falls, or -1 if none of them apply.
.Xr login_class 3 ,
.Xr login.conf 5 ,
.Xr termcap 5
.Sh HISTORY
The functions
.Fn parse_lt ,
.Fn in_lt ,
.Fn in_ltm ,
.Fn in_ltms
and
.Fn in_lts
first appeared in
.Fx 2.1.5 .

+ 7
- 1
lib/libutil/login_tty.3 View File

@@ -25,7 +25,7 @@
.\"
.\" $FreeBSD$
.\" "
.Dd December 29, 1996
.Dd May 10, 2020
.Dt LOGIN_TTY 3
.Os
.Sh NAME
@@ -63,3 +63,9 @@ the controlling terminal of the calling process, and 0 otherwise.
.Xr ioctl 2 ,
.Xr setsid 2 ,
.Xr tty 4
.Sh HISTORY
The function
.Fn login_tty
first appeared in
.Bx 4.4 .


+ 10
- 1
lib/libutil/pidfile.3 View File

@@ -24,7 +24,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd February 8, 2012
.Dd May 10, 2020
.Dt PIDFILE 3
.Os
.Sh NAME
@@ -286,6 +286,15 @@ Probably called not from the process which used
.Xr open 2 ,
.Xr daemon 3 ,
.Xr flopen 3
.Sh HISTORY
The functions
.Fn pidfile_open ,
.Fn pidfile_write ,
.Fn pidfile_close
and
.Fn pidfile_remove
first appeared in
.Fx 5.5 .
.Sh AUTHORS
.An -nosplit
The


+ 4
- 1
lib/libutil/pw_util.3 View File

@@ -24,7 +24,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd July 26, 2018
.Dd May 10, 2020
.Dt PW_UTIL 3
.Os
.Sh NAME
@@ -288,6 +288,9 @@ The
.Fn pw_tmp
returns an open file descriptor to the temporary password file or -1 in case of
failure.
.Sh HISTORY
The functions for passwd file handling first appeared in
.Bx 4.4 .
.Sh AUTHORS
Portions of this software were developed for the
.Fx


+ 5
- 0
lib/libutil/realhostname.3 View File

@@ -100,3 +100,8 @@ now contains the numeric value of
.Xr gethostbyname 3 ,
.Xr inet_ntoa 3 ,
.Xr realhostname_sa 3
.Sh HISTORY
The
.Fn realhostname
function first appeared in
.Fx 3.2 .

+ 5
- 0
lib/libutil/trimdomain.3 View File

@@ -83,3 +83,8 @@ The
function does not return a value.
.Sh SEE ALSO
.Xr gethostname 3
.Sh HISTORY
The function
.Fn trimdomain
first appeared in
.Fx 3.2 .

+ 9
- 1
lib/libutil/uucplock.3 View File

@@ -25,7 +25,7 @@
.\"
.\" $FreeBSD$
.\" "
.Dd March 30, 1997
.Dd May 10, 2020
.Dt UUCPLOCK 3
.Os
.Sh NAME
@@ -170,6 +170,14 @@ for further details.
.Xr open 2 ,
.Xr read 2 ,
.Xr write 2
.Sh HISTORY
The functions
.Fn uu_lock ,
.Fn uu_unlock
and
.Fn uu_lockerr
first appeared in
.Fx 2.0.5 .
.Sh BUGS
It is possible that a stale lock is not recognised as such if a new
processes is assigned the same processes id as the program that left


+ 1
- 1
sys/compat/linuxkpi/common/src/linux_page.c View File

@@ -235,7 +235,7 @@ __get_user_pages_fast(unsigned long start, int nr_pages, int write,
va = start;
map = &curthread->td_proc->p_vmspace->vm_map;
end = start + (((size_t)nr_pages) << PAGE_SHIFT);
if (start < vm_map_min(map) || end > vm_map_max(map))
if (!vm_map_range_valid(map, start, end))
return (-EINVAL);
prot = write ? (VM_PROT_READ | VM_PROT_WRITE) : VM_PROT_READ;
for (count = 0, mp = pages, va = start; va < end;


+ 1
- 4
sys/vm/vm_fault.c View File

@@ -1643,10 +1643,7 @@ vm_fault_quick_hold_pages(vm_map_t map, vm_offset_t addr, vm_size_t len,
end = round_page(addr + len);
addr = trunc_page(addr);

/*
* Check for illegal addresses.
*/
if (addr < vm_map_min(map) || addr > end || end > vm_map_max(map))
if (!vm_map_range_valid(map, addr, end))
return (-1);

if (atop(end - addr) > max_count)


+ 4
- 8
sys/vm/vm_map.c View File

@@ -1467,8 +1467,7 @@ vm_map_insert(vm_map_t map, vm_object_t object, vm_ooffset_t offset,
/*
* Check that the start and end points are not bogus.
*/
if (start < vm_map_min(map) || end > vm_map_max(map) ||
start >= end)
if (start == end || !vm_map_range_valid(map, start, end))
return (KERN_INVALID_ADDRESS);

/*
@@ -1894,9 +1893,7 @@ again:
goto done;
}
} else if ((cow & MAP_REMAP) != 0) {
if (*addr < vm_map_min(map) ||
*addr + length > vm_map_max(map) ||
*addr + length <= length) {
if (!vm_map_range_valid(map, *addr, *addr + length)) {
rv = KERN_INVALID_ADDRESS;
goto done;
}
@@ -4108,9 +4105,8 @@ vm_map_stack_locked(vm_map_t map, vm_offset_t addrbos, vm_size_t max_ssize,
KASSERT(orient != (MAP_STACK_GROWS_DOWN | MAP_STACK_GROWS_UP),
("bi-dir stack"));

if (addrbos < vm_map_min(map) ||
addrbos + max_ssize > vm_map_max(map) ||
addrbos + max_ssize <= addrbos)
if (max_ssize == 0 ||
!vm_map_range_valid(map, addrbos, addrbos + max_ssize))
return (KERN_INVALID_ADDRESS);
sgp = ((curproc->p_flag2 & P2_STKGAP_DISABLE) != 0 ||
(curproc->p_fctl0 & NT_FREEBSD_FCTL_STKGAP_DISABLE) != 0) ? 0 :


+ 11
- 0
sys/vm/vm_map.h View File

@@ -246,6 +246,17 @@ vm_map_modflags(vm_map_t map, vm_flags_t set, vm_flags_t clear)
{
map->flags = (map->flags | set) & ~clear;
}

static inline bool
vm_map_range_valid(vm_map_t map, vm_offset_t start, vm_offset_t end)
{
if (end < start)
return (false);
if (start < vm_map_min(map) || end > vm_map_max(map))
return (false);
return (true);
}

#endif /* KLD_MODULE */
#endif /* _KERNEL */



+ 8
- 17
sys/vm/vm_mmap.c View File

@@ -308,10 +308,7 @@ kern_mmap_fpcheck(struct thread *td, uintptr_t addr0, size_t size, int prot,
return (EINVAL);

/* Address range must be all in user VM space. */
if (addr < vm_map_min(&vms->vm_map) ||
addr + size > vm_map_max(&vms->vm_map))
return (EINVAL);
if (addr + size < addr)
if (!vm_map_range_valid(&vms->vm_map, addr, addr + size))
return (EINVAL);
#ifdef MAP_32BIT
if (flags & MAP_32BIT && addr + size > MAP_32BIT_MAX_ADDR)
@@ -568,7 +565,7 @@ kern_munmap(struct thread *td, uintptr_t addr0, size_t size)
vm_map_entry_t entry;
bool pmc_handled;
#endif
vm_offset_t addr;
vm_offset_t addr, end;
vm_size_t pageoff;
vm_map_t map;

@@ -580,15 +577,11 @@ kern_munmap(struct thread *td, uintptr_t addr0, size_t size)
addr -= pageoff;
size += pageoff;
size = (vm_size_t) round_page(size);
if (addr + size < addr)
return (EINVAL);

/*
* Check for illegal addresses. Watch out for address wrap...
*/
end = addr + size;
map = &td->td_proc->p_vmspace->vm_map;
if (addr < vm_map_min(map) || addr + size > vm_map_max(map))
if (!vm_map_range_valid(map, addr, end))
return (EINVAL);

vm_map_lock(map);
#ifdef HWPMC_HOOKS
pmc_handled = false;
@@ -600,7 +593,7 @@ kern_munmap(struct thread *td, uintptr_t addr0, size_t size)
*/
pkm.pm_address = (uintptr_t) NULL;
if (vm_map_lookup_entry(map, addr, &entry)) {
for (; entry->start < addr + size;
for (; entry->start < end;
entry = entry->next) {
if (vm_map_check_protection(map, entry->start,
entry->end, VM_PROT_EXECUTE) == TRUE) {
@@ -612,7 +605,7 @@ kern_munmap(struct thread *td, uintptr_t addr0, size_t size)
}
}
#endif
vm_map_delete(map, addr, addr + size);
vm_map_delete(map, addr, end);

#ifdef HWPMC_HOOKS
if (__predict_false(pmc_handled)) {
@@ -749,9 +742,7 @@ kern_madvise(struct thread *td, uintptr_t addr0, size_t len, int behav)
*/
map = &td->td_proc->p_vmspace->vm_map;
addr = addr0;
if (addr < vm_map_min(map) || addr + len > vm_map_max(map))
return (EINVAL);
if ((addr + len) < addr)
if (!vm_map_range_valid(map, addr, addr + len))
return (EINVAL);

/*


Loading…
Cancel
Save