d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
a34d3ca6ef
freebsd-dev/sys
History
Jessica Clarke a34d3ca6ef re: Avoid subobject overread when setting IDRn 
IDR0-IDR5 can be read byte-by-byte but must be written to as 4-byte
words. The current code to do this is rather clunky and ends up reading
past the end of the union's eaddr member due to MAC addresses only being
6 bytes. In practice this ends up being fine because the align_dummy
member will pad the union to a multiple of 4 bytes, but this is dodgy,
and on CHERI with subobject bounds enforcement enabled, as is done in
CheriBSD's pure-capability kernel, will trap.

Instead, make the buffer in use the right size, just use an array of
uint32_t's rather than a char buffer that's then cast to uint32_t * to
simplify it in the process, and zero-initialise it first to avoid
reading uninitialised data in the trailing bytes.

Found by:	CHERI
Reviewed by:	jhb
Differential Revision:	https://reviews.freebsd.org/D33617
2021-12-23 20:19:31 +00:00
..
amd64 sysent: regenerate 2021-12-16 20:56:28 -06:00
arm qca: add the TLMM code into the build 2021-12-23 10:42:00 -08:00
arm64 Add atomic_testandset_acq_* on arm64 2021-12-21 13:06:27 +00:00
bsm
cam cam: don't send scsi commands on shutdown when reboot method RB_NOSYNC 2021-12-20 06:32:51 +01:00
cddl dtrace: Disable getf() as it is broken on FreeBSD 2021-12-17 13:10:22 -05:00
compat linux: plug set-but-not-used vars 2021-12-18 13:12:15 +00:00
conf arm: add dwc3 as a compilable driver 2021-12-23 10:36:51 -08:00
contrib ipfilter: Move kernel bits to netpfil 2021-12-20 06:16:33 -08:00
crypto aesni: Fix an out-of-bounds read in AES_GCM_decrypt() 2021-12-16 09:17:06 -05:00
ddb
dev re: Avoid subobject overread when setting IDRn 2021-12-23 20:19:31 +00:00
dts add rk3328 overlay for enabling analog sound 2021-11-13 11:09:23 +02:00
fs nfscl: Check for mmap(2)'d file before doing direct output 2021-12-20 13:10:26 -08:00
gdb
geom geom(4): Fix some of the "set but not used" warnings 2021-12-18 11:42:34 +00:00
gnu
i386 sysent: regenerate 2021-12-16 20:56:28 -06:00
isa
kern Fix buffer overread in preloaded hostuuid parsing 2021-12-22 16:47:23 +00:00
kgssapi
libkern
mips mips: Implement suword16 2021-12-19 12:48:49 +00:00
modules ipfilter: Move kernel bits to netpfil 2021-12-20 06:16:33 -08:00
net pf: make if_pfsync.h self-contained 2021-12-17 12:38:35 +01:00
net80211 net80211: fix debug printf 2021-12-23 15:21:32 +00:00
netgraph ng_pppoe: plug set-but-not-used vars 2021-12-15 12:32:40 +00:00
netinet Fix dtrace SDT probe tcp:::debug-input 2021-12-20 17:15:43 -09:00
netinet6 inet6: fix a LOR between rip and rawinp 2021-12-19 14:43:04 +00:00
netipsec crypto: Consistently use AES instead of Rijndael128 for the AES-CBC cipher. 2021-12-16 13:47:27 -08:00
netpfil ipfilter: Move kernel bits to netpfil 2021-12-20 06:16:33 -08:00
netsmb
nfs nfs: don't truncate directory cookies to 32-bits in the NFS server 2021-12-15 20:54:57 -07:00
nfsclient
nfsserver
nlm
ofed
opencrypto cryptodev.h: Drop 'extern' from function prototypes. 2021-12-21 12:33:49 -08:00
powerpc Implement suword16() for 32-bit and 64-bit PowerPC architecture. 2021-12-19 13:17:55 +01:00
riscv riscv: Fix PLIC -Wunused-but-set-variable warnings 2021-12-10 04:51:32 +00:00
rpc mbuf: Only allow extpg mbufs if the system has a direct map 2021-11-16 13:31:04 -05:00
security Thread creation privilege for realtime group 2021-12-15 00:01:58 +02:00
sys sys: make filedesc.h self-contained 2021-12-17 12:38:35 +01:00
teken
tests
tools sysent: move away from allowing all compat options for other ABIs 2021-12-16 20:56:28 -06:00
ufs Change VOP_READDIR's cookies argument to a **uint64_t 2021-12-15 20:54:57 -07:00
vm Eliminate key press requirement "show vmopag" command output. 2021-12-19 19:40:52 -05:00
x86 pci: add missing PCI id of Coffee Lake GPU 2021-12-17 23:18:31 +02:00
xdr
xen Create wrapper for Giant taken for newbus 2021-12-09 17:04:45 -07:00
Makefile