Home | History | Annotate | Download | only in common
History log of /src/sys/compat/common/tty_43.c
RevisionDateAuthorComments
 1.40  10-Jul-2022  riastradh tty_43: Do unsigned arithmetic to avoid shift into sign bits.

Omit input validation -- it's not a great idea for compatibility with
historical kernels, since they ignored the bits instead of rejecting
them if set. With unsigned arithmetic, we get the same semantics as
was previously assumed (discarding bits that get shifted into the
sign bit or off into oblivion) without the formal undefined
behaviour.

Reported-by: syzbot+e408764cdd8c0c0ff535@syzkaller.appspotmail.com
https://syzkaller.appspot.com/bug?id=8318f0039e68187cd8d27b2c520816fff3f7266a
 1.39  10-Oct-2020  christos TIOCGSID is used by tcgetsid() so it is not really compat :-)
This should reduce loading the compat module.
 1.38  09-Oct-2020  nia tty_43: Check a bitset from userspace is valid before shifting it

Passing a negative value to these legacy compat ioctls results in
left shift on a negative value which is undefined behaviour and results
in the tty (at least, possibly other things) locking up.

The argument to the ioctl should always be > 0. Return EINVAL otherwise.

While here, adjustments to code style to match current guidelines.

Found by UBSan.

Reported-by: syzbot+39cd551a05298b222756@syzkaller.appspotmail.com
 1.37  08-Aug-2020  christos Fix the OTIOCGETD emulation. Line discipline 0 is NTTYDISC.
 1.36  23-May-2020  ad Move proc_lock into the data segment. It was dynamically allocated because
at the time we had mutex_obj_alloc() but not __cacheline_aligned.
 1.35  12-Dec-2019  pgoyette Rather than keeping a separate mutex, condvar, and pserialize for each
module hook, we can share a common set of synchronization structures.
This cuts the amount of cacheline_aligned data for these structures by
50%.

Note that we still have a per-hook localcount, since we need to count
individual references.

As discussed with riastradh@

Welcome to 9.99.22 !
 1.34  01-Mar-2019  pgoyette branches: 1.34.4;
Rename the MODULE_*_HOOK() macros to MODULE_HOOK_*() as briefly
discussed on irc.

NFCI intended.

Ride the earlier kernel bump - it;s getting crowded.
 1.33  29-Jan-2019  pgoyette Normalize all the compat hooks' names to the form

<subsystem>_<function>_<version>_hook

NFCI

XXX Note that although this introduces a change in the kernel-to-
XXX module interface, we are NOT bumping the kernel version number.
XXX We will bump the version number once the interface stabilizes.
 1.32  28-Jan-2019  christos - provide a hook for the 43 tty ioctls
- make the 60 tty ioctl hook look the same
- fix the tty code to call both hooks and remove unused lock
 1.31  27-Jan-2019  pgoyette Merge the [pgoyette-compat] branch
 1.30  22-May-2014  dholland branches: 1.30.20; 1.30.26; 1.30.28;
Use accessor functions for the tty's table of control characters.
(at least from outside the core tty sources)

Move some xon/xoff code from net/ppp_tty.c to kern/tty.c.
 1.29  19-Nov-2008  ad branches: 1.29.26; 1.29.40;
Make the emulations, exec formats, coredump, NFS, and the NFS server
into modules. By and large this commit:

- shuffles header files and ifdefs
- splits code out where necessary to be modular
- adds module glue for each of the components
- adds/replaces hooks for things that can be installed at runtime
 1.28  14-Nov-2008  ad - Move some more compat code into sys/compat.
- Split 4.3BSD ifioctl stuff into its own file.
- Remove some ifdefs that include small fragments of vfs compat code
which are difficult to relocate elsewhere.
 1.27  28-Apr-2008  martin branches: 1.27.6; 1.27.8;
Remove clause 3 and 4 from TNF licenses
 1.26  24-Apr-2008  ad branches: 1.26.2;
Network protocol interrupts can now block on locks, so merge the globals
proclist_mutex and proclist_lock into a single adaptive mutex (proc_lock).
Implications:

- Inspecting process state requires thread context, so signals can no longer
be sent from a hardware interrupt handler. Signal activity must be
deferred to a soft interrupt or kthread.

- As the proc state locking is simplified, it's now safe to take exit()
and wait() out from under kernel_lock.

- The system spends less time at IPL_SCHED, and there is less lock activity.
 1.25  23-Apr-2008  ad Fix locking.
 1.24  08-Dec-2007  dsl branches: 1.24.12; 1.24.14;
ANSIfy most of the function definitions in sys/compat (but not ndis).
All by the magic of sed ...
 1.23  04-Dec-2007  dsl Remove all the __P
 1.22  04-Mar-2007  christos branches: 1.22.14; 1.22.16; 1.22.22; 1.22.24;
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
 1.21  05-Mar-2006  christos branches: 1.21.18;
cleanup more SET/CLR/ISSET lossage
 1.20  11-Dec-2005  christos branches: 1.20.4; 1.20.6; 1.20.8;
merge ktrace-lwp.
 1.19  27-Nov-2005  thorpej Overhaul how TTY line disciplines are handled:
- Replace references to linesw[0] with a ttyldisc_default() function
that returns the default ("termios") line discipline.
- The linesw[] array is gone, replaced by a linked list.
- ttyldisc_add() and ttyldisc_remove() have been replaced by
ttyldisc_attach() and ttyldisc_detach().
- Things that provide line disciplines are now responsible for
registering those disciplines with the system. The linesw
structures are no longer declared in tty_conf.c
- Line disciplines are now refcounted; a lookup causes a reference to
be held. ttyldisc_release() releases the reference. Attempts to
detach an in-use line discipline result in EBUSY.
- Fix function signature lossage in if_sl.c, if_strip.c, and tty_tb.c
that was masked by the old tty_conf.c
- tty_init() is no longer necessary; delete it and its call from main().
 1.18  25-Apr-2004  matt branches: 1.18.12; 1.18.18;
Constify the speedtab arrays
 1.17  07-Aug-2003  agc Move UCB-licensed code from 4-clause to 3-clause licence.

Patches provided by Joel Baker in PR 22364, verified by myself.
 1.16  29-Jun-2003  fvdl branches: 1.16.2;
Back out the lwp/ktrace changes. They contained a lot of colateral damage,
and need to be examined and discussed more.
 1.15  28-Jun-2003  darrenr Pass lwp pointers throughtout the kernel, as required, so that the lwpid can
be inserted into ktrace records. The general change has been to replace
"struct proc *" with "struct lwp *" in various function prototypes, pass
the lwp through and use l_proc to get the process pointer when needed.

Bump the kernel rev up to 1.6V
 1.14  17-Mar-2002  atatat Convert ioctl code to use EPASSTHROUGH instead of -1 or ENOTTY for
indicating an unhandled "command". ERESTART is -1, which can lead to
confusion. ERESTART has been moved to -3 and EPASSTHROUGH has been
placed at -4. No ioctl code should now return -1 anywhere. The
ioctl() system call is now properly restartable.
 1.13  13-Nov-2001  lukem add RCSIDs (including regeneration of files as appropriate)
 1.12  08-Nov-2000  eeh branches: 1.12.2; 1.12.4; 1.12.6;
Don't dereference NULL t_linesw.
 1.11  02-Nov-2000  itohy Adapt to the new line discipline scheme.
 1.10  30-Mar-2000  augustss Kill register declarations.
 1.9  29-Mar-2000  simonb Don't need to include <sys/conf.h> here.
 1.8  01-Mar-1998  fvdl branches: 1.8.14;
Merge with Lite2 + local changes
 1.7  13-Oct-1996  christos Backout previous kprintf change.
 1.6  10-Oct-1996  christos printf -> kprintf, sprintf -> ksprintf
 1.5  20-May-1996  mark cast -1 to a char for comparision with tc->t_brkc so that this test
will work with signed and unsigned chars.
 1.4  18-May-1996  veego Put this into an #ifdef COMPAT_OLDTTY.
look in <sys/tty.h> for more infomations about that.
 1.3  14-Mar-1996  christos Fix compiler warnings
 1.2  10-Feb-1996  christos Don't declare MSG_COMPAT in two places.
More prototype fixes
 1.1  02-Feb-1996  christos Renamed compat_tty.c to tty_43.c and updated with the newest copy from
kern/tty_compat.c
 1.8.14.2  22-Nov-2000  bouyer Sync with HEAD.
 1.8.14.1  20-Nov-2000  bouyer Update thorpej_scsipi to -current as of a month ago
 1.12.6.1  13-Oct-2001  fvdl Revert the t_dev -> t_devvp change in struct tty. The way that tty
structs are currently used (especially by console ttys) aren't
ready for it, and this will require quite a few changes.
 1.12.4.2  23-Jun-2002  jdolecek catch up with -current on kqueue branch
 1.12.4.1  10-Jan-2002  thorpej Sync kqueue branch with -current.
 1.12.2.2  01-Apr-2002  nathanw Catch up to -current.
(CVS: It's not just a program. It's an adventure!)
 1.12.2.1  14-Nov-2001  nathanw Catch up to -current.
 1.16.2.5  11-Dec-2005  christos Sync with head.
 1.16.2.4  21-Sep-2004  skrll Fix the sync with head I botched.
 1.16.2.3  18-Sep-2004  skrll Sync with HEAD.
 1.16.2.2  03-Aug-2004  skrll Sync with HEAD
 1.16.2.1  02-Jul-2003  darrenr Apply the aborted ktrace-lwp changes to a specific branch. This is just for
others to review, I'm concerned that patch fuziness may have resulted in some
errant code being generated but I'll look at that later by comparing the diff
from the base to the branch with the file I attempt to apply to it. This will,
at the very least, put the changes in a better context for others to review
them and attempt to tinker with removing passing of 'struct lwp' through
the kernel.
 1.18.18.1  29-Nov-2005  yamt sync with head.
 1.18.12.4  21-Jan-2008  yamt sync with head
 1.18.12.3  07-Dec-2007  yamt sync with head
 1.18.12.2  03-Sep-2007  yamt sync with head.
 1.18.12.1  21-Jun-2006  yamt sync with head.
 1.20.8.1  13-Mar-2006  yamt sync with head.
 1.20.6.1  22-Apr-2006  simonb Sync with head.
 1.20.4.1  09-Sep-2006  rpaulo sync with head
 1.21.18.1  12-Mar-2007  rmind Sync with HEAD.
 1.22.24.2  26-Dec-2007  ad Sync with head.
 1.22.24.1  08-Dec-2007  ad Sync with head.
 1.22.22.2  27-Dec-2007  mjf Sync with HEAD.
 1.22.22.1  08-Dec-2007  mjf Sync with HEAD.
 1.22.16.1  09-Jan-2008  matt sync with HEAD
 1.22.14.1  09-Dec-2007  jmcneill Sync with HEAD.
 1.24.14.1  18-May-2008  yamt sync with head.
 1.24.12.2  17-Jan-2009  mjf Sync with HEAD.
 1.24.12.1  02-Jun-2008  mjf Sync with HEAD.
 1.26.2.2  04-May-2009  yamt sync with head.
 1.26.2.1  16-May-2008  yamt sync with head.
 1.27.8.1  19-Jan-2009  skrll Sync with HEAD.
 1.27.6.1  13-Dec-2008  haad Update haad-dm branch to haad-dm-base2.
 1.29.40.1  10-Aug-2014  tls Rebase.
 1.29.26.1  20-Aug-2014  tls Rebase to HEAD as of a few days ago.
 1.30.28.2  08-Apr-2020  martin Merge changes from current as of 20200406
 1.30.28.1  10-Jun-2019  christos Sync with HEAD
 1.30.26.2  22-Sep-2018  pgoyette #include "opt_compat_netbsd.h" for all sources that provide compat code.
 1.30.26.1  17-Apr-2018  pgoyette First pass at compat modules for 4.3BSD, NetBSD-0.9, and NetBSD-1.0

XXX Still need to deal with the sysctl stuff and other code shared
XXX between 09 and 43
 1.30.20.1  10-Oct-2020  martin Pull up following revision(s) (requested by nia in ticket #1614):

sys/compat/common/tty_43.c: revision 1.38

tty_43: Check a bitset from userspace is valid before shifting it

Passing a negative value to these legacy compat ioctls results in
left shift on a negative value which is undefined behaviour and results
in the tty (at least, possibly other things) locking up.
The argument to the ioctl should always be > 0. Return EINVAL otherwise.

While here, adjustments to code style to match current guidelines.
Found by UBSan.
 1.34.4.1  10-Oct-2020  martin Pull up following revision(s) (requested by nia in ticket #1106):

sys/compat/common/tty_43.c: revision 1.38

tty_43: Check a bitset from userspace is valid before shifting it

Passing a negative value to these legacy compat ioctls results in
left shift on a negative value which is undefined behaviour and results
in the tty (at least, possibly other things) locking up.
The argument to the ioctl should always be > 0. Return EINVAL otherwise.

While here, adjustments to code style to match current guidelines.
Found by UBSan.

RSS XML Feed