Date: Thu, 14 Aug 2008 20:16:38 -0400
From: alexus <alexus@gmail.com>
To: "Mateusz Guzik" <mjguzik@gmail.com>
Cc: freebsd-jail@freebsd.org, "Bjoern A. Zeeb" <bz@freebsd.org>
Subject: Re: kern/126368: Running ktrace/kdump in jail leads to stale jails
Message-ID: <6ae50c2d0808141716g5c213fe9ha688c7b544a0fb35@mail.gmail.com>
In-Reply-To: <20080809234717.GC13799@skucha.home.aster.pl>
References: <200808081740.m78He4bc084276@freefall.freebsd.org> <20080808184224.H88849@maildrop.int.zabbadoz.net> <20080809234717.GC13799@skucha.home.aster.pl>
where can I get latest patch? that I can apply to 7.0-RELEASE-p3 ? 2008/8/9 Mateusz Guzik <mjguzik@gmail.com>: > On Fri, Aug 08, 2008 at 06:43:38PM +0000, Bjoern A. Zeeb wrote: >> >The following reply was made to PR kern/126368; it has been noted by GNATS. >> > >> >From: "Mateusz Guzik" <mjguzik@gmail.com> >> >To: bug-followup@freebsd.org >> >Cc: >> >Subject: Re: kern/126368: Running ktrace/kdump in jail leads to stale jails >> >Date: Fri, 8 Aug 2008 19:30:22 +0200 >> > >> >Err, I made a mistake. crfree() will be called in case of failure >> >(loop starting at line 959), so the following patch should be ok: >> > >> >--- sys/kern/kern_ktrace.c.orig 2008-08-08 16:37:45.000000000 +0200 >> >+++ sys/kern/kern_ktrace.c 2008-08-08 19:25:16.000000000 +0200 >> >@@ -933,12 +933,14 @@ >> > error = VOP_WRITE(vp, &auio, IO_UNIT | IO_APPEND, cred); >> > VOP_UNLOCK(vp, 0, td); >> > vn_finished_write(mp); >> > vrele(vp); >> > VFS_UNLOCK_GIANT(vfslocked); >> >- if (!error) >> >+ if (!error) { >> >+ crfree(cred); >> > return; >> >+ } >> >> that sounds more plausible w/o seeing the surrounding code. I had >> wondered already earlier today when I was pointed at. >> >> I'll look into this. >> > > Sorry for the noise -- the first patch was right. ;) > > ktr_writerequest() is called multiple times and it _always_ calls > crhold(), so crfree() must be called before it returns (even in case of > failure). > > Also, in this function one can find: > > [..] > crhold(cred) > [..] > if (vp == NULL) { > KASSERT(cred == NULL, ("ktr_writerequest: cred != NULL")); > return; > } > > `Normal' kernel might leak credentials in this case, so I believe crfree() should be added there too. > > Thanks, and again, sorry for the noise. > -- > Mateusz Guzik > > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" > > -- http://alexus.org/
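Review bot: the crfree(cred) added inside the `if (!error)` block of the quoted hunk releases the credential reference only on the successful-write return. The error path depends on the loop the message cites at line 959, which is outside the context shown, so the balance against crhold() cannot be confirmed from this hunk alone. Suggest a short comment next to the new `crfree(cred);` naming where the reference is dropped on failure, so the pairing is visible at the return site. The `if (vp == NULL)` early return quoted later in the thread sits after crhold(cred) and is not touched by this hunk; if that return is reachable with a held reference, it needs a matching crfree(cred) in the same change, since per the PR title an unreleased reference keeps the jail from going away.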