Page MenuHomeFreeBSD

stats: Check for errors from copyout()
ClosedPublic

Authored by markj on Dec 26 2023, 1:32 AM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Jan 10, 2:29 AM
Unknown Object (File)
Thu, Jan 9, 5:49 PM
Unknown Object (File)
Nov 3 2024, 1:27 AM
Unknown Object (File)
Oct 5 2024, 12:01 AM
Unknown Object (File)
Oct 4 2024, 5:03 PM
Unknown Object (File)
Oct 4 2024, 4:54 AM
Unknown Object (File)
Oct 3 2024, 2:58 PM
Unknown Object (File)
Oct 1 2024, 3:28 PM
Subscribers

Details

Summary

This is in preparation for annotating copyin() and related functions
with __result_use_check.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

markj requested review of this revision.Dec 26 2023, 1:32 AM
This revision was not accepted when it landed; it landed in state Needs Review.Jan 4 2024, 1:41 PM
This revision was automatically updated to reflect the committed changes.

Hi Mark,

I'm sorry I missed this change over the holiday period, but wanted to flag that it introduced a bug by obscuring the EOVERFLOW case. I fixed this in the Netflix tree with a very simple patch:

--- a/FreeBSD/sys/kern/subr_stats.c
+++ b/FreeBSD/sys/kern/subr_stats.c
@@ -1078,9 +1078,9 @@ int
 stats_v1_blob_clone(struct statsblobv1 **dst, size_t dstmaxsz,
     struct statsblobv1 *src, uint32_t flags)
 {
-       int error;
+       int error, tmperror;
 
-       error = 0;
+       error = tmperror = 0;
 
        if (src == NULL || dst == NULL ||
            src->cursz < sizeof(struct statsblob) ||
@@ -1131,14 +1131,16 @@ stats_v1_blob_clone(struct statsblobv1 **dst, size_t dstmaxsz,
                }
 #ifdef _KERNEL
                if (flags & SB_CLONE_USRDSTNOFAULT)
-                       error = copyout_nofault(&(src->cursz), &((*dst)->cursz),
+                       tmperror = copyout_nofault(&(src->cursz), &((*dst)->cursz),
                            postcurszlen);
                else if (flags & SB_CLONE_USRDST)
-                       error = copyout(&(src->cursz), &((*dst)->cursz),
+                       tmperror = copyout(&(src->cursz), &((*dst)->cursz),
                            postcurszlen);
                else
 #endif
                        memcpy(&((*dst)->cursz), &(src->cursz), postcurszlen);
+
+               error = error ? error : tmperror;
        }
 #ifdef _KERNEL
 out:

Unless you've got a different way you'd prefer to deal with the problem I'll post the patch to Phabricator soon.

Hi Mark,

I'm sorry I missed this change over the holiday period, but wanted to flag that it introduced a bug by obscuring the EOVERFLOW case. I fixed this in the Netflix tree with a very simple patch:

--- a/FreeBSD/sys/kern/subr_stats.c
+++ b/FreeBSD/sys/kern/subr_stats.c
@@ -1078,9 +1078,9 @@ int
 stats_v1_blob_clone(struct statsblobv1 **dst, size_t dstmaxsz,
     struct statsblobv1 *src, uint32_t flags)
 {
-       int error;
+       int error, tmperror;
 
-       error = 0;
+       error = tmperror = 0;
 
        if (src == NULL || dst == NULL ||
            src->cursz < sizeof(struct statsblob) ||
@@ -1131,14 +1131,16 @@ stats_v1_blob_clone(struct statsblobv1 **dst, size_t dstmaxsz,
                }
 #ifdef _KERNEL
                if (flags & SB_CLONE_USRDSTNOFAULT)
-                       error = copyout_nofault(&(src->cursz), &((*dst)->cursz),
+                       tmperror = copyout_nofault(&(src->cursz), &((*dst)->cursz),
                            postcurszlen);
                else if (flags & SB_CLONE_USRDST)
-                       error = copyout(&(src->cursz), &((*dst)->cursz),
+                       tmperror = copyout(&(src->cursz), &((*dst)->cursz),
                            postcurszlen);
                else
 #endif
                        memcpy(&((*dst)->cursz), &(src->cursz), postcurszlen);
+
+               error = error ? error : tmperror;
        }
 #ifdef _KERNEL
 out:

Unless you've got a different way you'd prefer to deal with the problem I'll post the patch to Phabricator soon.

Your version looks good to me, sorry for the breakage.