Date: Thu, 01 Nov 2018 07:41:04 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 232878] File sealing Message-ID: <bug-232878-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D232878 Bug ID: 232878 Summary: File sealing Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: contact@emersion.fr File sealing is a Linux-specific safety mechanism that can be used when sha= ring memory between two processes. In this scenario, one process typically calls shm_open(SHM_ANON), mmaps the result in its address space, writes interesting things in this slice of mem= ory, sends the file descriptor over a Unix socket to another process. The other process then mmaps the file descriptor to its own address space and reads t= he shared memory. Sometimes the two processes don't trust each other, for instance in the cas= e of Wayland. Bad clients may try to crash the compositor. One way to crash the compositor is to send a shared memory file descriptor = and then shrink the file. When the compositor tries to read the now-unmapped pa= rt of the file it'll receive SIGBUS. What the compositor currently does is that it handles SIGBUS and ignores it= if it's about a memory slice mmapped from IPC. Apart from being a hack, this m= akes things complicated because: * There are multiple Wayland interfaces that need to mmap a file descriptor sent over IPC. Collecting the list of IPC-mmapped regions is currently not possible with libwayland. * Since SIGBUS is global state, handling it is difficult. Some other IPC mechanisms might need to add more regions to the list. Threads make this ev= en more annoying. See https://gitlab.freedesktop.org/wayland/wayland/issues/53#note_24663 I'd like to know if there are plans to add a feature similar to file sealing (https://lwn.net/Articles/591108/) in FreeBSD. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-232878-227>