Page MenuHomeFreeBSD
Differential D31453

netdump: send key before dump, in case dump fails
ClosedPublic
Actions

Authored by vangyzen on Aug 7 2021, 2:10 PM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Oct 29, 7:43 PM
Unknown Object (File)
Tue, Oct 29, 3:23 PM
Unknown Object (File)
Wed, Oct 23, 7:53 PM
Unknown Object (File)
Wed, Oct 23, 7:53 PM
Unknown Object (File)
Wed, Oct 23, 7:52 PM
Unknown Object (File)
Wed, Oct 23, 7:52 PM
Unknown Object (File)
Wed, Oct 23, 7:52 PM
Unknown Object (File)
Wed, Oct 23, 7:31 PM
View All 73 Files
Subscribers
badger
dab
glebius
imp
melifaro

Details

Reviewers
bdrewery
markj
Commits
rG8320036255f0: netdump: send key before dump, in case dump fails
rG13a58148de17: netdump: send key before dump, in case dump fails
Summary

Previously, if an encrypted netdump failed, such as due to a timeout or
network failure, the key was not saved, so a partial dump was
completely useless.

Send the key first, so the partial dump can be decrypted, because even a
partial dump can be useful.

Test Plan

I ran ls in a loop during a netdump and watched netdumpd create the
key file first. Decryption was successful.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

vangyzen created this revision.Aug 7 2021, 2:10 PM
Herald added subscribers: melifaro, dab, badger, imp. · View Herald TranscriptAug 7 2021, 2:10 PM
vangyzen requested review of this revision.Aug 7 2021, 2:10 PM
Harbormaster completed remote builds in B40917: Diff 93371.Aug 7 2021, 2:10 PM
markj added inline comments.Aug 9 2021, 8:42 PM
sys/kern/kern_shutdown.c
1504

How can this situation arise? keysize will be 0 if kdc is NULL.

sys/netinet/netdump/netdump_client.c
352

Do you need a netdump_cleanup() call in the error paths?

bdrewery added inline comments.Aug 9 2021, 11:01 PM
sys/netinet/netdump/netdump_client.c
352

Yup, since line 339 is setting the global pcb.

vangyzen updated this revision to Diff 93497.Aug 10 2021, 5:20 PM
vangyzen marked 2 inline comments as done.
  • CR feedback: call cleanup on error paths
Harbormaster completed remote builds in B40971: Diff 93497.Aug 10 2021, 5:20 PM
vangyzen marked an inline comment as done.Aug 10 2021, 5:21 PM
vangyzen added inline comments.
sys/kern/kern_shutdown.c
1504

This avoids a NULL dereference. In the old code, we dereferenced kdc without testing for NULL. Unfortunately, I don't have more detail, since I made this change locally six months ago, failed to explain this bit in the internal code review, and forgot to upstream it right away. It _seems_ like we should hit it easily. Maybe clang is reordering things enough to accidentally protect us?

sys/netinet/netdump/netdump_client.c
352

Good catch. Thanks.

vangyzen marked an inline comment as done.Aug 10 2021, 5:26 PM
vangyzen added inline comments.
sys/kern/kern_shutdown.c
1504

Or maybe I made this change purely for symmetry with dump_start, and the NULL dereference would have happened in that function without this extra guard?

markj added inline comments.Aug 10 2021, 5:45 PM
sys/kern/kern_shutdown.c
1504

I see. kdc->kdc_dumpkey will just evaluate to (char *)kdc + offsetof(struct kerneldumpcrypto, kdc_dumpkey) because kdc_dumpkey is a VLA, so no dereference happens. Do you have some local changes which invalidate that?

vangyzen marked an inline comment as done.Aug 10 2021, 11:41 PM
vangyzen added inline comments.
sys/kern/kern_shutdown.c
1504

I see. Thanks. I obviously didn't look that closely at the type. My bad.

As it turns out, key is no longer used in this function, so I'll just remove it.

vangyzen updated this revision to Diff 93510.Aug 11 2021, 12:09 AM
vangyzen marked an inline comment as done.
  • CR feedback: remove unused "key" local var
Harbormaster completed remote builds in B40976: Diff 93510.Aug 11 2021, 12:09 AM
markj accepted this revision.Aug 11 2021, 1:48 PM
This revision is now accepted and ready to land.Aug 11 2021, 1:48 PM
Closed by commit rG13a58148de17: netdump: send key before dump, in case dump fails (authored by vangyzen). · Explain WhyAug 11 2021, 8:55 PM
This revision was automatically updated to reflect the committed changes.
vangyzen added a commit: rG13a58148de17: netdump: send key before dump, in case dump fails.
mhorne added a commit: rG8320036255f0: netdump: send key before dump, in case dump fails.Jun 27 2022, 7:35 PM
Herald added a subscriber: glebius. · View Herald TranscriptJun 27 2022, 7:35 PM

Revision Contents
Changeset List

PathSize
sys/
kern/
20 lines
netinet/
netdump/
42 lines
sys/
5 lines

Diff 93565

View Options

sys/kern/kern_shutdown.c

Loading...
View Options

sys/netinet/netdump/netdump_client.c

Loading...
View Options

sys/sys/conf.h

Loading...