mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2024-10-18 02:19:39 +00:00
Code Issues Releases Activity
8cf43dcd3d
freebsd/sys
History
Olivier Certner 8cf43dcd3d umtx: shm: Prevent reference counting overflow 
This hardens against provoked use-after-free occurences should there be
reference counting leaks in the future (which is currently not the
case).

At the deepest level, umtx_shm_find_reg_unlocked() now returns EOVERFLOW
when it cannot grant an additional reference to the registry object, and
so will umtx_shm_find_reg().  umtx_shm_create_reg() will fail if calling
umtx_shm_find_reg() returns EOVERFLOW (meaning a SHM object for the
passed key already exists, but we can't acquire another reference on
it), avoiding the creation of a duplicate registry entry for a given key
(this wouldn't pose problem for the rest of the code in its current
form, but is expressly avoided for intelligibility and hardening
purposes).

Since umtx_shm_find_reg*(), and consequently the whole _umtx_op() system
call, can only return EOVERFLOW on such a bug manifesting, we don't
document that return value.

Reviewed by:    kib, emaste
Approved by:    emaste (mentor)
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D46126

(cherry picked from commit c3e6dfe55c)
(cherry picked from commit b20ae16087)
2024-09-04 16:02:34 +00:00
..
amd64 amd64 GENERIC: Switch uart hints from "isa" to "acpi" 2024-07-23 09:29:17 -04:00
arm arm: Add a missing interrupt to the generic timer 2024-07-15 13:34:29 +01:00
arm64 arm64: Ensure sctlr and pstate are in known states 2024-09-02 10:11:57 +01:00
bsm
cam ctl: fix Out-Of-Bounds access in ctl_report_supported_opcodes 2024-09-04 15:52:33 +00:00
cddl Revert "dtrace: make 'ring' and 'fill' policies imply 'noswitch' flag" 2024-04-21 15:28:59 +03:00
compat linuxkpi: use canonical tests for is_{zero,broadcast}_ether_addr 2024-08-11 19:03:42 -04:00
conf Post-13.4-branch updates 2024-08-01 17:07:12 -07:00
contrib libnv: verify that string is null terminated 2024-09-04 14:25:13 +02:00
crypto
ddb
dev dev/uart: Add APMC0D08 as found in the Intel E2100 2024-09-02 10:11:57 +01:00
dts
fs nfsproto.h: Define the new mode_umask attribute 2024-08-30 19:02:57 -07:00
gdb
geom geom(4): Fix a typo in a source code comment 2024-04-24 12:20:58 +02:00
gnu
i386 Adjust comments referencing vm_mem_init() 2024-06-06 12:54:35 -03:00
isa
kern umtx: shm: Prevent reference counting overflow 2024-09-04 16:02:34 +00:00
kgssapi
libkern
mips
modules ice_ddp: Update package to 1.3.36.0 2024-07-30 21:29:15 -07:00
net pf: rework pf_icmp_state_lookup() failure mode 2024-09-04 10:53:07 +02:00
net80211 net80211: Correct a comment 2024-06-25 12:27:06 +08:00
netgraph ng_hci: Add sockaddr validation to sendto() 2024-04-29 10:05:34 -04:00
netinet tcp: fix format of sysctl variable 2024-08-30 08:47:03 +02:00
netinet6 nd6: Fix the routing table subscription 2024-09-04 12:49:50 +00:00
netipsec
netlink
netpfil pf: rework pf_icmp_state_lookup() failure mode 2024-09-04 10:53:07 +02:00
netsmb
nfs
nfsclient
nfsserver
nlm
ofed ibcore: Mark write-only variables 2024-07-15 13:35:21 +01:00
opencrypto
powerpc Adjust comments referencing vm_mem_init() 2024-06-06 12:54:35 -03:00
riscv Adjust comments referencing vm_mem_init() 2024-06-06 12:54:35 -03:00
rpc krpc: Ref cnt the client structures for TLS upcalls 2024-05-01 18:19:09 -07:00
security
sys x86: Detect NVMM hypervisor 2024-09-03 17:52:30 -07:00
teken
tests
tools
ufs Do not allow snapshots on UFS filesystems using gjournal. 2024-07-28 12:06:52 -07:00
vm vm: Add kva_alloc_aligned 2024-09-02 10:11:57 +01:00
x86 x86: Detect NVMM hypervisor 2024-09-03 17:52:30 -07:00
xdr
xen
Makefile
README.md

README.md

FreeBSD Kernel Source:

This directory contains the source files and build glue that make up the FreeBSD kernel and its modules, including both original and contributed software.

Kernel configuration files are located in the conf/ subdirectory of each architecture. GENERIC is the configuration used in release builds. NOTES contains documentation of all possible entries. LINT is a compile-only configuration used to maximize build coverage and detect regressions.

Documentation:

Source code documentation is maintained in a set of man pages, under section 9. These pages are located in share/man/man9, from the top-level of the src tree. Consult intro(9) for an overview of existing pages.

Some additional high-level documentation of the kernel is maintained in the Architecture Handbook.

Source Roadmap:

Directory Description
amd64 AMD64 (64-bit x86) architecture support
arm 32-bit ARM architecture support
arm64 64-bit ARM (AArch64) architecture support
cam Common Access Method storage subsystem - cam(4) and ctl(4)
cddl CDDL-licensed optional sources such as DTrace
conf kernel build glue
compat Linux compatibility layer, FreeBSD 32-bit compatibility
contrib 3rd-party imported software such as OpenZFS
crypto crypto drivers
ddb interactive kernel debugger - ddb(4)
fs most filesystems, excluding UFS, NFS, and ZFS
dev device drivers
gdb kernel remote GDB stub - gdb(4)
geom GEOM framework - geom(4)
i386 i386 (32-bit x86) architecture support
kern main part of the kernel
libkern libc-like and other support functions for kernel use
modules kernel module infrastructure
net core networking code
net80211 wireless networking (IEEE 802.11) - net80211(4)
netgraph graph-based networking subsystem - netgraph(4)
netinet IPv4 protocol implementation - inet(4)
netinet6 IPv6 protocol implementation - inet6(4)
netipsec IPsec protocol implementation - ipsec(4)
netpfil packet filters - ipfw(4), pf(4), and ipfilter(4)
opencrypto OpenCrypto framework - crypto(7)
powerpc PowerPC/POWER (32 and 64-bit) architecture support
riscv 64-bit RISC-V architecture support
security security facilities - audit(4) and mac(4)
sys kernel headers
tests kernel unit tests
ufs Unix File System - ffs(7)
vm virtual memory system
x86 code shared by AMD64 and i386 architectures