mirror of
https://github.com/opnsense/src.git
synced 2026-02-14 08:13:38 -05:00
14bdbaf2e4
Coredump notes depend on being able to invoke dump routines twice; once in a dry-run mode to get the size of the note, and another to actually emit the note to the corefile. When a note helper emits a different length section the second time around than the length it requested the first time, the kernel produces a corrupt coredump. NT_PROCSTAT_FILES output length, when packing kinfo structs, is tied to the length of filenames corresponding to vnodes in the process' fd table via vn_fullpath. As vnodes may move around during dump, this is racy. So: - Detect badly behaved notes in putnote() and pad underfilled notes. - Add a fail point, debug.fail_point.fill_kinfo_vnode__random_path to exercise the NT_PROCSTAT_FILES corruption. It simply picks random lengths to expand or truncate paths to in fo_fill_kinfo_vnode(). - Add a sysctl, kern.coredump_pack_fileinfo, to allow users to disable kinfo packing for PROCSTAT_FILES notes. This should avoid both FILES note corruption and truncation, even if filenames change, at the cost of about 1 kiB in padding bloat per open fd. Document the new sysctl in core.5. - Fix note_procstat_files to self-limit in the 2nd pass. Since sometimes this will result in a short write, pad up to our advertised size. This addresses note corruption, at the risk of sometimes truncating the last several fd info entries. - Fix NT_PROCSTAT_FILES consumers libutil and libprocstat to grok the zero padding. With suggestions from: bjk, jhb, kib, wblock Approved by: markj (mentor) Relnotes: yes Sponsored by: EMC / Isilon Storage Division Differential Revision: https://reviews.freebsd.org/D3548 |
||
|---|---|---|
| .. | ||
| tests | ||
| _secure_path.3 | ||
| _secure_path.c | ||
| auth.c | ||
| expand_number.3 | ||
| expand_number.c | ||
| flopen.3 | ||
| flopen.c | ||
| fparseln.3 | ||
| fparseln.c | ||
| gr_util.c | ||
| hexdump.3 | ||
| hexdump.c | ||
| humanize_number.3 | ||
| humanize_number.c | ||
| kinfo_getallproc.3 | ||
| kinfo_getallproc.c | ||
| kinfo_getfile.3 | ||
| kinfo_getfile.c | ||
| kinfo_getproc.3 | ||
| kinfo_getproc.c | ||
| kinfo_getvmmap.3 | ||
| kinfo_getvmmap.c | ||
| kinfo_getvmobject.3 | ||
| kinfo_getvmobject.c | ||
| kld.3 | ||
| kld.c | ||
| libutil.h | ||
| login.conf.5 | ||
| login_auth.3 | ||
| login_auth.c | ||
| login_cap.3 | ||
| login_cap.c | ||
| login_cap.h | ||
| login_class.3 | ||
| login_class.c | ||
| login_crypt.c | ||
| login_ok.3 | ||
| login_ok.c | ||
| login_times.3 | ||
| login_times.c | ||
| login_tty.3 | ||
| login_tty.c | ||
| Makefile | ||
| Makefile.depend | ||
| pidfile.3 | ||
| pidfile.c | ||
| property.3 | ||
| property.c | ||
| pty.3 | ||
| pty.c | ||
| pw_util.3 | ||
| pw_util.c | ||
| quotafile.3 | ||
| quotafile.c | ||
| realhostname.3 | ||
| realhostname.c | ||
| realhostname_sa.3 | ||
| stub.c | ||
| trimdomain.3 | ||
| trimdomain.c | ||
| uucplock.3 | ||
| uucplock.c | ||