From 611fcff994ae57d52fa08275f7b72f00ebb5a073 Mon Sep 17 00:00:00 2001 From: John Baldwin Date: Fri, 1 Apr 2016 18:29:38 +0000 Subject: [PATCH] Cap IOSIZE_MAX to INT_MAX for 32-bit processes. Previously, freebsd32 binaries could submit read/write requests with lengths greater than INT_MAX that a native kernel would have rejected. Reviewed by: kib Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D5788 --- sys/kern/sys_generic.c | 24 ++++++++++++++++++++++-- sys/sys/systm.h | 17 +++++++++++++---- 2 files changed, 35 insertions(+), 6 deletions(-) diff --git a/sys/kern/sys_generic.c b/sys/kern/sys_generic.c index fe79f52929be..75fb66efe2b7 100644 --- a/sys/kern/sys_generic.c +++ b/sys/kern/sys_generic.c @@ -89,12 +89,14 @@ __FBSDID("$FreeBSD$"); #define SYS_IOCTL_SMALL_SIZE 128 /* bytes */ #define SYS_IOCTL_SMALL_ALIGN 8 /* bytes */ -int iosize_max_clamp = 0; +#ifdef __LP64__ +static int iosize_max_clamp = 0; SYSCTL_INT(_debug, OID_AUTO, iosize_max_clamp, CTLFLAG_RW, &iosize_max_clamp, 0, "Clamp max i/o size to INT_MAX"); -int devfs_iosize_max_clamp = 1; +static int devfs_iosize_max_clamp = 1; SYSCTL_INT(_debug, OID_AUTO, devfs_iosize_max_clamp, CTLFLAG_RW, &devfs_iosize_max_clamp, 0, "Clamp max i/o size to INT_MAX for devices"); +#endif /* * Assert that the return value of read(2) and write(2) syscalls fits @@ -159,6 +161,24 @@ struct selfd { static uma_zone_t selfd_zone; static struct mtx_pool *mtxpool_select; +#ifdef __LP64__ +size_t +devfs_iosize_max(void) +{ + + return (devfs_iosize_max_clamp || SV_CURPROC_FLAG(SV_ILP32) ? + INT_MAX : SSIZE_MAX); +} + +size_t +iosize_max(void) +{ + + return (iosize_max_clamp || SV_CURPROC_FLAG(SV_ILP32) ? + INT_MAX : SSIZE_MAX); +} +#endif + #ifndef _SYS_SYSPROTO_H_ struct read_args { int fd; diff --git a/sys/sys/systm.h b/sys/sys/systm.h index 026a03ccba40..9c6e45082170 100644 --- a/sys/sys/systm.h +++ b/sys/sys/systm.h @@ -148,10 +148,14 @@ extern char **kenvp; extern const void *zero_region; /* address space maps to a zeroed page */ extern int unmapped_buf_allowed; -extern int iosize_max_clamp; -extern int devfs_iosize_max_clamp; -#define IOSIZE_MAX (iosize_max_clamp ? INT_MAX : SSIZE_MAX) -#define DEVFS_IOSIZE_MAX (devfs_iosize_max_clamp ? INT_MAX : SSIZE_MAX) + +#ifdef __LP64__ +#define IOSIZE_MAX iosize_max() +#define DEVFS_IOSIZE_MAX devfs_iosize_max() +#else +#define IOSIZE_MAX SSIZE_MAX +#define DEVFS_IOSIZE_MAX SSIZE_MAX +#endif /* * General function declarations. @@ -403,6 +407,11 @@ struct cdev; dev_t dev2udev(struct cdev *x); const char *devtoname(struct cdev *cdev); +#ifdef __LP64__ +size_t devfs_iosize_max(void); +size_t iosize_max(void); +#endif + int poll_no_poll(int events); /* XXX: Should be void nanodelay(u_int nsec); */