d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
987ff18184
freebsd-dev/lib/libc/sys
History
Konstantin Belousov 987ff18184 Consistently handle negative or wrapping offsets in the mmap(2) syscalls. 
For regular files and posix shared memory, POSIX requires that
[offset, offset + size) range is legitimate.  At the maping time,
check that offset is not negative.  Allowing negative offsets might
expose the data that filesystem put into vm_object for internal use,
esp. due to OFF_TO_IDX() signess treatment.  Fault handler verifies
that the mapped range is valid, assuming that mmap(2) checked that
arithmetic gives no undefined results.

For device mappings, leave the semantic of negative offsets to the
driver.  Correct object page index calculation to not erronously
propagate sign.

In either case, disallow overflow of offset + size.

Update mmap(2) man page to explain the requirement of the range
validity, and behaviour when the range becomes invalid after mapping.

Reported and tested by:	royger (previous version)
Reviewed by:	alc
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2017-02-12 21:05:44 +00:00
..
__error.c Add missing include to eliminate -Wmissing-prototypes warnings 2015-09-20 03:49:08 +00:00
__vdso_gettimeofday.c Implement userspace gettimeofday(2) with HPET timecounter. 2016-08-17 09:52:09 +00:00
_exit.2 intro(2),_exit(2): Update for reaper (procctl(PROC_REAP_ACQUIRE)). 2016-09-08 21:50:03 +00:00
_umtx_op.2 Fix markup. 2016-06-04 20:20:14 +00:00
abort2.2
accept4.c
accept.2
accept.c
access.2
acct.2
adjtime.2
aio_cancel.2
aio_error.2
aio_fsync.2 Fix various nits in the aio operation manpages. 2016-08-19 17:37:32 +00:00
aio_mlock.2 Fix various nits in the aio operation manpages. 2016-08-19 17:37:32 +00:00
aio_read.2 Fix various nits in the aio operation manpages. 2016-08-19 17:37:32 +00:00
aio_return.2 Fully handle size_t lengths in AIO requests. 2016-03-21 21:37:33 +00:00
aio_suspend.2
aio_suspend.c
aio_waitcomplete.2 Fully handle size_t lengths in AIO requests. 2016-03-21 21:37:33 +00:00
aio_write.2 Fix various nits in the aio operation manpages. 2016-08-19 17:37:32 +00:00
bind.2 Remove <sys/types.h> from the SYNOPSIS. 2016-08-18 06:39:09 +00:00
bindat.2
brk.2 Remove sys/types.h due to STANDARDS and unistd.h also includes sys/types.h. 2015-12-15 15:19:06 +00:00
cap_enter.2 Add an article. 2016-09-30 15:47:13 +00:00
cap_fcntls_limit.2
cap_ioctls_limit.2
cap_rights_limit.2
chdir.2
chflags.2
chmod.2
chown.2
chroot.2
clock_gettime.2 Verify that tv_sec value specified in settimeofday() and clock_settime() 2015-12-27 15:37:07 +00:00
clock_gettime.c
close.2
close.c Add missing includes to eliminate -Wmissing-prototypes warnings 2015-09-20 03:45:57 +00:00
closefrom.2
connect.2 Remove <sys/types.h> from the SYNOPSIS. 2016-08-18 06:39:09 +00:00
connect.c
connectat.2
cpuset_getaffinity.2 Improve errno documentation in pthread_create(3) and thr_new(2) 2016-06-03 14:30:32 +00:00
cpuset.2 cpuset.9: Link to/from the new page 2015-10-20 23:52:37 +00:00
dup.2
execve.2
extattr_get_file.2
fcntl.2 fcntl(2): Document interrupt/restart for file locks. 2016-07-07 21:44:59 +00:00
fcntl.c
fdatasync.c The fdatasync(2) call must be cancellation point. 2016-08-16 08:27:03 +00:00
ffclock.2
fhopen.2
flock.2
fork.2
fork.c
fsync.2 Add fdatasync(2) man page, combined with fsync(2). 2016-08-17 10:16:42 +00:00
fsync.c Add missing includes to eliminate -Wmissing-prototypes warnings 2015-09-20 03:45:57 +00:00
futimens.c Update futimens/utimensat for MFC to stable/10: 2016-01-12 20:53:57 +00:00
getdirentries.2 Fix spelling of MAXNAMLEN. 2016-03-09 13:45:03 +00:00
getdtablesize.2 sysconf(2) -> sysconf(3) 2016-02-29 17:20:04 +00:00
getfh.2
getfsstat.2 Rename the 'flags' argument to getfsstat() to 'mode' and validate it. 2016-12-27 20:21:11 +00:00
getgid.2 Remove sys/types.h due to STANDARDS and unistd.h also includes sys/types.h. 2015-12-15 15:19:06 +00:00
getgroups.2
getitimer.2
getlogin.2
getloginclass.2 Add some .Xrs to getloginclass(2). 2016-07-12 06:00:57 +00:00
getpeername.2
getpgrp.2
getpid.2 Remove sys/types.h due to STANDARDS and unistd.h also includes sys/types.h. 2015-12-15 15:19:06 +00:00
getpriority.2
getrlimit.2 Minor markup and wording fixes. 2016-09-30 13:04:18 +00:00
getrusage.2
getsid.2
getsockname.2
getsockopt.2 Improve wording around SO_TS_CLOCK documentation. 2017-01-20 18:37:14 +00:00
gettimeofday.2 Verify that tv_sec value specified in settimeofday() and clock_settime() 2015-12-27 15:37:07 +00:00
gettimeofday.c
getuid.2 Remove sys/types.h due to STANDARDS and unistd.h also includes sys/types.h. 2015-12-15 15:08:29 +00:00
interposing_table.c The fdatasync(2) call must be cancellation point. 2016-08-16 08:27:03 +00:00
intro.2 intro(2),_exit(2): Update for reaper (procctl(PROC_REAP_ACQUIRE)). 2016-09-08 21:50:03 +00:00
ioctl.2
issetugid.2
jail.2 Mark jail(2), and the sysctls that it (and only it) uses as deprecated. 2016-05-30 05:21:24 +00:00
kenv.2
kevent.c
kill.2
kldfind.2
kldfirstmod.2
kldload.2
kldnext.2
kldstat.2
kldsym.2 Use 'cmd' rather than 'command' to match the function prototype. 2016-10-17 22:36:37 +00:00
kldunload.2
kqueue.2 Improve grammar. 2016-10-06 17:35:50 +00:00
ktrace.2 Document KTRFAC_FAULT and KTRFAC_FAULTEND. 2016-03-31 23:55:19 +00:00
link.2
lio_listio.2 Add documentation for the sigevent structure. 2016-07-15 15:12:56 +00:00
listen.2 Remove <sys/types.h> from the SYNOPSIS. 2016-08-18 06:39:09 +00:00
lseek.2 Bump .Dd for r295764 2016-02-18 18:50:03 +00:00
madvise.2
Makefile.inc Replace dot-dot relative pathing with SRCTOP-relative paths where possible 2017-01-20 03:23:24 +00:00
mincore.2
minherit.2
mkdir.2
mkfifo.2
mknod.2
mlock.2
mlockall.2
mmap.2 Consistently handle negative or wrapping offsets in the mmap(2) syscalls. 2017-02-12 21:05:44 +00:00
modfind.2 Use the right argumant name 2016-03-18 08:47:17 +00:00
modnext.2
modstat.2
mount.2
mprotect.2 mprotect(): Change prototype to comply to POSIX. 2016-08-03 06:33:04 +00:00
mq_close.2
mq_getattr.2
mq_notify.2 Add documentation for the sigevent structure. 2016-07-15 15:12:56 +00:00
mq_open.2
mq_receive.2
mq_send.2
mq_setattr.2
msgctl.2
msgget.2
msgrcv.2 Change the return type of msgrcv() to ssize_t as required by POSIX. 2016-07-28 12:22:01 +00:00
msgsnd.2
msync.2
msync.c Add missing includes to eliminate -Wmissing-prototypes warnings 2015-09-20 03:45:57 +00:00
munmap.2
nanosleep.2
nanosleep.c
nfssvc.2
ntp_adjtime.2
numa_getaffinity.2
open.2 open(2): Clarify non-POSIX error when opening a symlink with O_NOFOLLOW. 2016-11-22 22:30:55 +00:00
open.c
openat.c
pathconf.2
pdfork.2 Introduce the PD_CLOEXEC for pdfork(2). 2016-06-08 02:09:14 +00:00
pipe.2 Change wording to use function rather than system call in the description 2016-07-20 18:16:58 +00:00
pipe.c Replace use of the pipe(2) system call with pipe2(2) with a zero flags 2016-06-22 21:11:27 +00:00
poll.2
poll.c
posix_fadvise.2 Revert r288628 and instead fix a discrepancy between the posix_fadvise(2) 2015-10-03 22:27:14 +00:00
posix_fallocate.2
posix_openpt.2 posix_openpt.2: Sort includes per style(9) 2016-09-21 17:51:27 +00:00
ppoll.c
procctl.2 Editing fixes for r306257, documentation for trapcap. 2016-09-27 11:31:53 +00:00
profil.2
pselect.2
pselect.c
ptrace.2 Typesetting fixes. 2016-08-29 19:53:13 +00:00
ptrace.c Rewrite ptrace(2) wrappers in C. 2016-08-29 18:47:51 +00:00
quotactl.2
rctl_add_rule.2 Add manpage for rctl_* system calls 2016-09-19 02:25:30 +00:00
read.2 Remove sys/types.h due to STANDARDS and unistd.h also includes sys/types.h. 2015-12-15 15:19:06 +00:00
read.c
readlink.2
readv.c Add missing includes to eliminate -Wmissing-prototypes warnings 2015-09-20 03:45:57 +00:00
reboot.2 kenv(8) -> kenv(1) 2016-02-29 17:22:34 +00:00
recv.2 Clean up documentation of AF_UNIX control messages. 2017-02-03 20:33:23 +00:00
recvfrom.c
recvmsg.c
rename.2
revoke.2 Restore flushing of output for revoke(2) again. Document revoke()'s 2016-01-26 07:57:44 +00:00
rfork.2
rmdir.2
rtprio.2
sched_get_priority_max.2
sched_setparam.2
sched_setscheduler.2
sched_yield.2
sctp_generic_recvmsg.2
sctp_generic_sendmsg.2
sctp_peeloff.2
select.2
select.c
semctl.2
semget.2 semget(2): Add missing [EINVAL] conditions. 2016-02-07 21:25:08 +00:00
semop.2
send.2 Remove <sys/types.h> from the SYNOPSIS. 2016-08-18 06:39:09 +00:00
sendfile.2 Add flag SF_USER_READAHEAD to sendfile(2). When specified, the syscall won't 2016-11-17 21:36:18 +00:00
sendmsg.c
sendto.c
setcontext.c
setfib.2
setgroups.2
setpgid.2
setregid.2
setresuid.2
setreuid.2
setsid.2
setuid.2 Remove sys/types.h due to STANDARDS and unistd.h also includes sys/types.h. 2015-12-15 15:08:29 +00:00
shm_open.2 Mention sendfile(2) by popular demand. 2017-01-20 17:29:59 +00:00
shmat.2
shmctl.2 Change the default setting of kern.ipc.shm_allow_removed from 0 to 1. 2015-10-10 09:29:47 +00:00
shmget.2
shutdown.2 Make shutdown() return ENOTCONN as required by POSIX, part deux. 2015-07-27 13:17:57 +00:00
sigaction.2 Reinstate Xr macros that were accidentally removed in a previous 2016-09-30 13:05:32 +00:00
sigaction.c Switch libc from using _sig{procmask,action,suspend} symbols, which 2015-08-29 14:25:01 +00:00
sigaltstack.2
sigpending.2
sigprocmask.2
sigprocmask.c Switch libc from using _sig{procmask,action,suspend} symbols, which 2015-08-29 14:25:01 +00:00
sigqueue.2
sigreturn.2
sigstack.2
sigsuspend.2
sigsuspend.c Switch libc from using _sig{procmask,action,suspend} symbols, which 2015-08-29 14:25:01 +00:00
sigtimedwait.c
sigwait.2
sigwait.c
sigwaitinfo.2
sigwaitinfo.c
socket.2 Remove <sys/types.h> from the SYNOPSIS. 2016-08-18 06:39:09 +00:00
socketpair.2
stat.2 - Add the 'restrict' type qualifier to match function prototype. 2016-01-14 01:33:16 +00:00
statfs.2
swapcontext.c
swapon.2
Symbol.map Garbage collect _umtx_lock(2)/_umtx_unlock(2) references removed in r263318. 2016-08-17 10:20:05 +00:00
symlink.2
sync.2
sysarch.2
syscall.2
thr_exit.2 thr_*(2): Add xrefs to what libthr implements using each syscall. 2016-06-01 21:58:13 +00:00
thr_kill.2 thr_*(2): Add xrefs to what libthr implements using each syscall. 2016-06-01 21:58:13 +00:00
thr_new.2 Improve errno documentation in pthread_create(3) and thr_new(2) 2016-06-03 14:30:32 +00:00
thr_self.2 thr_*(2): Add xrefs to what libthr implements using each syscall. 2016-06-01 21:58:13 +00:00
thr_set_name.2 thr_set_name(): silently truncate the given name as needed 2016-12-03 01:14:21 +00:00
thr_suspend.2 Reword the statement. 2016-09-30 16:02:25 +00:00
thr_wake.2 Document thr_suspend(2) and thr_wake(2). 2016-09-26 08:18:34 +00:00
timer_create.2 Add documentation for the sigevent structure. 2016-07-15 15:12:56 +00:00
timer_delete.2
timer_settime.2
trivial-vdso_tc.c Implement userspace gettimeofday(2) with HPET timecounter. 2016-08-17 09:52:09 +00:00
truncate.2
umask.2
undelete.2
unlink.2 unlink(2): Note the possibility for ENOSPC to be returned on ZFS. 2015-07-28 22:48:58 +00:00
utimensat.2 utimensat(2): Correct description of [EINVAL] error. 2016-01-17 21:14:27 +00:00
utimensat.c Update futimens/utimensat for MFC to stable/10: 2016-01-12 20:53:57 +00:00
utimes.2 utimes(2),utime(3): Add deprecation in favour of utimensat(2) and futimens(2). 2016-06-09 22:14:58 +00:00
utrace.2 mdoc: sort Xr 2016-01-18 20:21:38 +00:00
uuidgen.2
vfork.2 vfork(2): Mention some risks of calling vfork() from application code. 2016-05-22 13:32:45 +00:00
wait4.c
wait6.c
wait.2 Document behavior of wait introduced in the r286698. 2016-06-01 19:49:38 +00:00
write.2 Remove sys/types.h due to STANDARDS and unistd.h also includes sys/types.h. 2015-12-15 15:19:06 +00:00
write.c
writev.c Add missing includes to eliminate -Wmissing-prototypes warnings 2015-09-20 03:45:57 +00:00