Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 15 Aug 2002 07:19:08 -0700 (PDT)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        Perforce Change Reviews <perforce@freebsd.org>
Subject:   PERFORCE change 16023 for review
Message-ID:  <200208151419.g7FEJ8Wd040505@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=16023

Change 16023 by rwatson@rwatson_tislabs on 2002/08/15 07:18:49

	Move the invocation of mac_cred_mmapped_drop_perms() to outside
	of the proc locking window during a process credential update,
	closing a race condition opened when mmap revocation was
	introduced.  Otherwise, we were susceptible to
	check-check-change-change races that violated policy module
	invariants.  The revocation now occurs after the atomic proc
	credential update prior to re-entering userland and the
	thread changing the credential re-gaining control.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#242 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#242 (text+ko) ====

@@ -2271,7 +2271,6 @@
 {
 
 	MAC_PERFORM(relabel_cred, cred, newlabel);
-	mac_cred_mmapped_drop_perms(curthread, cred);
 }
 
 void
@@ -3003,8 +3002,6 @@
 
 /*
  * MPSAFE
- *
- * XXX: Needs to be re-written for proc locking.
  */
 int
 __mac_set_proc(struct thread *td, struct __mac_set_proc_args *uap)
@@ -3039,12 +3036,19 @@
 
 	setsugid(p);
 	crcopy(newcred, oldcred);
-	PROC_UNLOCK(p);
 	mac_relabel_cred(newcred, &intlabel);
+	p->p_ucred = newcred;
 
-	PROC_LOCK(p);
-	p->p_ucred = newcred;
+	/*
+	 * Grab additional reference for use while revoking mmaps, prior
+	 * to releasing the proc lock and sharing the cred.
+	 */
+	crhold(newcred);
 	PROC_UNLOCK(p);
+
+	mac_cred_mmapped_drop_perms(td, newcred);
+
+	crfree(newcred);	/* Free revocation reference. */
 	crfree(oldcred);
 	mac_destroy_temp(&intlabel);
 	return (0);

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe p4-projects" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200208151419.g7FEJ8Wd040505>