d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Reject ioctls to SCSI enclosures from 32-bit compat processes.

Browse Source 
The ioctl objects contain pointers and require translation and some
refactoring of the infrastructure to work. For now prevent opertion
on garbage values. This is very slightly overbroad in that ENCIOC_INIT
is safe.

Reviewed by:	imp, kib
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D14671
This commit is contained in:
Brooks Davis 2018-03-12 23:02:01 +00:00
parent 871dc9833b
commit 405b67a225
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=330820
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
sys/cam/scsi/scsi_enc.c
View File

@ -29,6 +29,8 @@
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include "opt_compat.h"
#include <sys/param.h>
#include <sys/conf.h>
@ -39,9 +41,11 @@ __FBSDID("$FreeBSD$");
#include <sys/lock.h>
#include <sys/malloc.h>
#include <sys/mutex.h>
#include <sys/proc.h>
#include <sys/queue.h>
#include <sys/sbuf.h>
#include <sys/sx.h>
#include <sys/sysent.h>
#include <sys/systm.h>
#include <sys/sysctl.h>
#include <sys/types.h>
@ -354,6 +358,10 @@ enc_ioctl(struct cdev *dev, u_long cmd, caddr_t arg_addr, int flag,
void *addr;
int error, i;
#ifdef COMPAT_FREEBSD32
if (SV_PROC_FLAG(td->td_proc, SV_ILP32))
return (ENOTTY);
#endif
if (arg_addr)
addr = *((caddr_t *) arg_addr);