Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 25 Mar 2019 21:38:58 +0000 (UTC)
From:      Mark Johnston <markj@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r345513 - head/sys/kern
Message-ID:  <201903252138.x2PLcwJr025574@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: markj
Date: Mon Mar 25 21:38:58 2019
New Revision: 345513
URL: https://svnweb.freebsd.org/changeset/base/345513

Log:
  Reject F_SETLK_REMOTE commands when sysid == 0.
  
  A sysid of 0 denotes the local system, and some handlers for remote
  locking commands do not attempt to deal with local locks.  Note that
  F_SETLK_REMOTE is only available to privileged users as it is intended
  to be used as a testing interface.
  
  Reviewed by:	kib
  Reported by:	syzbot+9c457a6ae014a3281eb8@syzkaller.appspotmail.com
  MFC after:	2 weeks
  Sponsored by:	The FreeBSD Foundation
  Differential Revision:	https://reviews.freebsd.org/D19702

Modified:
  head/sys/kern/kern_descrip.c

Modified: head/sys/kern/kern_descrip.c
==============================================================================
--- head/sys/kern/kern_descrip.c	Mon Mar 25 21:14:51 2019	(r345512)
+++ head/sys/kern/kern_descrip.c	Mon Mar 25 21:38:58 2019	(r345513)
@@ -601,7 +601,7 @@ kern_fcntl(struct thread *td, int fd, int cmd, intptr_
 
 	case F_SETLK_REMOTE:
 		error = priv_check(td, PRIV_NFS_LOCKD);
-		if (error)
+		if (error != 0)
 			return (error);
 		flg = F_REMOTE;
 		goto do_setlk;
@@ -612,6 +612,12 @@ kern_fcntl(struct thread *td, int fd, int cmd, intptr_
 
 	case F_SETLK:
 	do_setlk:
+		flp = (struct flock *)arg;
+		if ((flg & F_REMOTE) != 0 && flp->l_sysid == 0) {
+			error = EINVAL;
+			break;
+		}
+
 		error = fget_unlocked(fdp, fd, &cap_flock_rights, &fp, NULL);
 		if (error != 0)
 			break;
@@ -621,7 +627,6 @@ kern_fcntl(struct thread *td, int fd, int cmd, intptr_
 			break;
 		}
 
-		flp = (struct flock *)arg;
 		if (flp->l_whence == SEEK_CUR) {
 			foffset = foffset_get(fp);
 			if (foffset < 0 ||
@@ -667,10 +672,6 @@ kern_fcntl(struct thread *td, int fd, int cmd, intptr_
 			    flp, flg);
 			break;
 		case F_UNLCKSYS:
-			/*
-			 * Temporary api for testing remote lock
-			 * infrastructure.
-			 */
 			if (flg != F_REMOTE) {
 				error = EINVAL;
 				break;



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201903252138.x2PLcwJr025574>