Date: Thu, 15 Aug 2002 07:19:08 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 16023 for review Message-ID: <200208151419.g7FEJ8Wd040505@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=16023 Change 16023 by rwatson@rwatson_tislabs on 2002/08/15 07:18:49 Move the invocation of mac_cred_mmapped_drop_perms() to outside of the proc locking window during a process credential update, closing a race condition opened when mmap revocation was introduced. Otherwise, we were susceptible to check-check-change-change races that violated policy module invariants. The revocation now occurs after the atomic proc credential update prior to re-entering userland and the thread changing the credential re-gaining control. Affected files ... .. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#242 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#242 (text+ko) ==== @@ -2271,7 +2271,6 @@ { MAC_PERFORM(relabel_cred, cred, newlabel); - mac_cred_mmapped_drop_perms(curthread, cred); } void @@ -3003,8 +3002,6 @@ /* * MPSAFE - * - * XXX: Needs to be re-written for proc locking. */ int __mac_set_proc(struct thread *td, struct __mac_set_proc_args *uap) @@ -3039,12 +3036,19 @@ setsugid(p); crcopy(newcred, oldcred); - PROC_UNLOCK(p); mac_relabel_cred(newcred, &intlabel); + p->p_ucred = newcred; - PROC_LOCK(p); - p->p_ucred = newcred; + /* + * Grab additional reference for use while revoking mmaps, prior + * to releasing the proc lock and sharing the cred. + */ + crhold(newcred); PROC_UNLOCK(p); + + mac_cred_mmapped_drop_perms(td, newcred); + + crfree(newcred); /* Free revocation reference. */ crfree(oldcred); mac_destroy_temp(&intlabel); return (0); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200208151419.g7FEJ8Wd040505>