d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd with flexible iflib nic queues
272,703 Commits 6 Branches 133 Tags 2.6 GiB
C 60.1%
C++ 26.1%
Roff 4.9%
Shell 3%
Assembly 1.7%
Other 3.7%
dd08b84e35
Go to file
Rick Macklem dd08b84e35 nfscl: Fix a use after free in nfscl_cleanupkext() 
ler@, markj@ reported a use after free in nfscl_cleanupkext().
They also provided two possible causes:
- In nfscl_cleanup_common(), "own" is the owner string
  owp->nfsow_owner.  If we free that particular
  owner structure, than in subsequent comparisons
  "own" will point to freed memory.
- nfscl_cleanup_common() can free more than one owner, so the use
  of LIST_FOREACH_SAFE() in nfscl_cleanupkext() is not sufficient.

I also believe there is a 3rd:
- If nfscl_freeopenowner() or nfscl_freelockowner() is called
  without the NFSCLSTATE mutex held, this could race with
  nfscl_cleanupkext().
  This could happen when the exclusive lock is held
  on the client, such as when delegations are being returned.

This patch fixes them as follows:
1 - Copy the owner string to a local variable before the
    nfscl_cleanup_common() call.
2 - Modify nfscl_cleanup_common() to return whether or not a
    free was done.
    When a free was done, do a goto to restart the loop, instead
    of using FOREACH_SAFE, which was not safe in this case.
3 - Acquire the NFSCLSTATE mutex in nfscl_freeopenowner()
    and nfscl_freelockowner(), if it not already held.
    This serializes all of these calls with the ones done in
    nfscl_cleanup_common().

Reported by:	ler
Reviewed by:	markj
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D34334
2022-02-22 14:21:43 -08:00
.cirrus-ci Cirrus-CI: add some timing info on pkg install failure 2021-08-04 15:02:00 -04:00
.github Update vendor/libarchive to libarchive/libarchive@72ce1ff7c 2022-02-19 00:49:06 +01:00
bin cp: fix -R with links 2022-02-22 16:06:02 -06:00
cddl ctfconvert: Rip out STABS support 2022-02-10 15:41:10 -05:00
contrib readelf: add Arm address mask note type NT_ARM_ADDR_MASK 2022-02-22 14:50:42 -05:00
crypto OpenSSL: Fix the same BIO_FLAGS macro definition 2022-02-01 10:38:49 -08:00
etc Integrate contrib/file/tests with kyua/atf 2022-02-16 13:02:45 -06:00
gnu libdialog: Bump shared library version to 10. 2021-10-27 09:30:24 -07:00
include Install unwind.h into /usr/include 2022-02-10 19:00:32 +01:00
kerberos5 pkgbase: Create a FreeBSD-kerberos package 2021-09-07 10:23:14 +02:00
lib powerpc: enable initial-exec TLS 2022-02-22 19:34:28 +01:00
libexec rc.subr: boottrace annotations 2022-02-21 20:16:12 -04:00
release release: Don't install ubldr.bin 2022-02-07 13:19:20 -07:00
rescue rescue: Link with -lncursesw instead of -lncursesw_real. 2022-02-11 13:58:59 -08:00
sbin camcontrol fwdownload minor improvements 2022-02-22 14:38:38 -07:00
secure OpenSSL: Merge OpenSSL 1.1.1m 2021-12-14 16:03:52 -05:00
share keymap: Add extra Alt Gr mapping for Brazillian Portuguese ABNT2 keyboards 2022-02-22 21:42:34 -03:00
stand Add support for getting early entropy from UEFI 2022-02-17 13:01:11 -08:00
sys nfscl: Fix a use after free in nfscl_cleanupkext() 2022-02-22 14:21:43 -08:00
targets Retire obsolete iscsi_initiator(4) 2021-10-26 16:17:35 -04:00
tests Add NT_ARM_ADDR_MASK 2022-02-22 17:10:35 +00:00
tools stress2: Added cleanup on error 2022-02-22 12:07:45 +01:00
usr.bin Temporarily skip usr.bin.diff.diff_test.functionname in CI 2022-02-21 16:31:43 +08:00
usr.sbin boottrace(8): small wrapper utility 2022-02-21 20:16:12 -04:00
.arcconfig Remove history.immutable from .arcconfig 2021-04-13 12:36:25 +01:00
.arclint
.cirrus.yml Cirrus-CI: add a manual amd64-gcc9 build and smoketest job 2022-02-15 12:55:14 -05:00
.clang-format clang-format: Add bitset loop macros 2021-09-21 12:08:01 -04:00
.gitattributes Add a basic clang-format configuration file 2019-06-07 15:23:52 +00:00
.gitignore .gitignore: Restore inadvertently deleted file 2022-01-18 08:00:42 -08:00
COPYRIGHT Welcome 2022, update copyrights. 2022-01-01 09:49:49 -07:00
LOCKS
MAINTAINERS Remove myself from bhyve maintenance; ENOTIME. 2021-11-19 07:09:30 +10:00
Makefile cleankernel: A target to delete the kernel compile file 2022-02-11 12:51:24 -07:00
Makefile.inc1 cleankernel: A target to delete the kernel compile file 2022-02-11 12:51:24 -07:00
Makefile.libcompat Makefile.libcompat: Sort 2022-02-02 14:34:29 -07:00
Makefile.sys.inc
ObsoleteFiles.inc Install unwind.h into /usr/include 2022-02-10 19:00:32 +01:00
README.md README.md: update gnu directory description 2021-12-17 08:45:31 -05:00
RELNOTES RELNOTES: Note support for KTLS RX for TLS 1.3. 2021-12-14 11:02:45 -08:00
UPDATING Fix minor grammar nit. 2022-01-31 15:35:23 -08:00

README.md

FreeBSD Source:

This is the top level of the FreeBSD source directory.

FreeBSD is an operating system used to power modern servers, desktops, and embedded platforms. A large community has continually developed it for more than thirty years. Its advanced networking, security, and storage features have made FreeBSD the platform of choice for many of the busiest web sites and most pervasive embedded networking and storage devices.

For copyright information, please see the file COPYRIGHT in this directory. Additional copyright information also exists for some sources in this tree - please see the specific source directories for more information.

The Makefile in this directory supports a number of targets for building components (or all) of the FreeBSD source tree. See build(7), config(8), FreeBSD handbook on building userland, and Handbook for kernels for more information, including setting make(1) variables.

Source Roadmap:

Directory Description
bin System/user commands.
cddl Various commands and libraries under the Common Development and Distribution License.
contrib Packages contributed by 3rd parties.
crypto Cryptography stuff (see crypto/README).
etc Template files for /etc.
gnu Commands and libraries under the GNU General Public License (GPL) or Lesser General Public License (LGPL). Please see gnu/COPYING and gnu/COPYING.LIB for more information.
include System include files.
kerberos5 Kerberos5 (Heimdal) package.
lib System libraries.
libexec System daemons.
release Release building Makefile & associated tools.
rescue Build system for statically linked /rescue utilities.
sbin System commands.
secure Cryptographic libraries and commands.
share Shared resources.
stand Boot loader sources.
sys Kernel sources.
sys/arch/conf Kernel configuration files. GENERIC is the configuration used in release builds. NOTES contains documentation of all possible entries.
tests Regression tests which can be run by Kyua. See tests/README for additional information.
tools Utilities for regression testing and miscellaneous tasks.
usr.bin User commands.
usr.sbin System administration commands.

For information on synchronizing your source tree with one or more of the FreeBSD Project's development branches, please see FreeBSD Handbook.