From 468dccc2a2179e7c946ea1571af49e8c049c012d Mon Sep 17 00:00:00 2001 From: visa Date: Mon, 13 Dec 2021 14:54:22 +0000 Subject: [PATCH] Prevent kevent(2) use of EVFILT_EXCEPT with FIFOs and pipes Currently, the only intended direct usage of the EVFILT_EXCEPT filter is with NOTE_OOB to detect out-of-band data in ptys and sockets. NOTE_OOB does not apply to FIFOs or pipes. Prevent the user from registering the filter with these file types. The filter code is for the kernel's internal use. OK mpi@ --- sys/kern/sys_pipe.c | 7 ++++++- sys/miscfs/fifofs/fifo_vnops.c | 6 +++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/sys/kern/sys_pipe.c b/sys/kern/sys_pipe.c index 4da474aa257..fa103c6f4d4 100644 --- a/sys/kern/sys_pipe.c +++ b/sys/kern/sys_pipe.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sys_pipe.c,v 1.131 2021/12/08 13:03:52 visa Exp $ */ +/* $OpenBSD: sys_pipe.c,v 1.132 2021/12/13 14:54:22 visa Exp $ */ /* * Copyright (c) 1996 John S. Dyson @@ -927,6 +927,11 @@ pipe_kqfilter(struct file *fp, struct knote *kn) error = EPERM; break; } + if ((kn->kn_flags & __EV_POLL) == 0) { + /* Disallow usage through kevent(2). */ + error = EINVAL; + break; + } kn->kn_fop = &pipe_efiltops; kn->kn_hook = rpipe; klist_insert_locked(&rpipe->pipe_sel.si_note, kn); diff --git a/sys/miscfs/fifofs/fifo_vnops.c b/sys/miscfs/fifofs/fifo_vnops.c index f40e2957ec3..86b4486fc33 100644 --- a/sys/miscfs/fifofs/fifo_vnops.c +++ b/sys/miscfs/fifofs/fifo_vnops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: fifo_vnops.c,v 1.87 2021/12/11 09:28:26 visa Exp $ */ +/* $OpenBSD: fifo_vnops.c,v 1.88 2021/12/13 14:54:22 visa Exp $ */ /* $NetBSD: fifo_vnops.c,v 1.18 1996/03/16 23:52:42 christos Exp $ */ /* @@ -544,6 +544,10 @@ fifo_kqfilter(void *v) /* Prevent triggering exceptfds. */ return (EPERM); } + if ((ap->a_kn->kn_flags & __EV_POLL) == 0) { + /* Disallow usage through kevent(2). */ + return (EINVAL); + } ap->a_kn->kn_fop = &fifoexcept_filtops; so = fip->fi_readsock; sb = &so->so_rcv; -- 2.20.1