From owner-svn-src-all@freebsd.org Wed Oct 16 13:21:02 2019 Return-Path: Delivered-To: svn-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6F4C91651F0; Wed, 16 Oct 2019 13:21:02 +0000 (UTC) (envelope-from andrew@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46tXxB2LpZz3Fy2; Wed, 16 Oct 2019 13:21:02 +0000 (UTC) (envelope-from andrew@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 33F7A7913; Wed, 16 Oct 2019 13:21:02 +0000 (UTC) (envelope-from andrew@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x9GDL2s8021560; Wed, 16 Oct 2019 13:21:02 GMT (envelope-from andrew@FreeBSD.org) Received: (from andrew@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x9GDL2ee021543; Wed, 16 Oct 2019 13:21:02 GMT (envelope-from andrew@FreeBSD.org) Message-Id: <201910161321.x9GDL2ee021543@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: andrew set sender to andrew@FreeBSD.org using -f From: Andrew Turner Date: Wed, 16 Oct 2019 13:21:02 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r353640 - head/sys/kern X-SVN-Group: head X-SVN-Commit-Author: andrew X-SVN-Commit-Paths: head/sys/kern X-SVN-Commit-Revision: 353640 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Oct 2019 13:21:02 -0000 Author: andrew Date: Wed Oct 16 13:21:01 2019 New Revision: 353640 URL: https://svnweb.freebsd.org/changeset/base/353640 Log: Stop leaking information from the kernel through timespec The timespec struct holds a seconds value in a time_t and a nanoseconds value in a long. On most architectures these are the same size, however on 32-bit architectures other than i386 time_t is 8 bytes and long is 4 bytes. Most ABIs will then pad a struct holding an 8 byte and 4 byte value to 16 bytes with 4 bytes of padding. When copying one of these structs the compiler is free to copy the padding if it wishes. In this case the padding may contain kernel data that is then leaked to userspace. Fix this by copying the timespec elements rather than the entire struct. This doesn't affect Tier-1 architectures so no SA is expected. admbugs: 651 MFC after: 1 week Sponsored by: DARPA, AFRL Modified: head/sys/kern/vfs_vnops.c Modified: head/sys/kern/vfs_vnops.c ============================================================================== --- head/sys/kern/vfs_vnops.c Wed Oct 16 13:20:36 2019 (r353639) +++ head/sys/kern/vfs_vnops.c Wed Oct 16 13:21:01 2019 (r353640) @@ -1455,10 +1455,14 @@ vn_stat(struct vnode *vp, struct stat *sb, struct ucre if (vap->va_size > OFF_MAX) return (EOVERFLOW); sb->st_size = vap->va_size; - sb->st_atim = vap->va_atime; - sb->st_mtim = vap->va_mtime; - sb->st_ctim = vap->va_ctime; - sb->st_birthtim = vap->va_birthtime; + sb->st_atim.tv_sec = vap->va_atime.tv_sec; + sb->st_atim.tv_nsec = vap->va_atime.tv_nsec; + sb->st_mtim.tv_sec = vap->va_mtime.tv_sec; + sb->st_mtim.tv_nsec = vap->va_mtime.tv_nsec; + sb->st_ctim.tv_sec = vap->va_ctime.tv_sec; + sb->st_ctim.tv_nsec = vap->va_ctime.tv_nsec; + sb->st_birthtim.tv_sec = vap->va_birthtime.tv_sec; + sb->st_birthtim.tv_nsec = vap->va_birthtime.tv_nsec; /* * According to www.opengroup.org, the meaning of st_blksize is