diff options
| author | Scott Soule Cheloha <cheloha@cvs.openbsd.org> | 2022-06-27 14:26:07 +0000 |
|---|---|---|
| committer | Scott Soule Cheloha <cheloha@cvs.openbsd.org> | 2022-06-27 14:26:07 +0000 |
| commit | 8fe3a7597bb4da7d07a0d044418c3d48e560cb4c (patch) | |
| tree | fa9cb2dd533b4b840d8bbc06f0bd3e6cc5c218fc /gnu | |
| parent | 03de3d1814eadb2585f14d09586c6c0cf41c7392 (diff) | |
kbind(2): unlock syscall, push kernel lock down to binding loop
- Rearrange the security check code in sys_kbind() so that we only
need to take the kernel lock once if we need to raise SIGILL.
- Protect process.ps_kbind_addr and process.ps_kbind_cookie with
process.ps_mtx. This is easier to do after the aforementioned
rearrangement. Under normal circumstances this isn't necessary:
the process is single-threaded when we initialize kbind(2).
But in stranger situations this brief mutex ensures that the
first thread to reach sys_kbind() initializes both variables.
- Wrap the binding loop with the kernel lock. We need to carefully
confirm that uvm_unmap_remove(), uvm_map_extract(), and
uvm_unmap_detach() are MP-safe in a subsequent patch before
completely removing the kernel lock from sys_kbind().
- Remove the kernel lock from kbind(2) in syscalls.master.
Prompted by mpi@, dlg@, and deraadt@. Current patch workshopped with
deraadt@. Based on a patch from dlg@.
With input from dlg@, bluhm@, mpi@, kettenis@, deraadt@, and
guenther@.
Thread: https://marc.info/?l=openbsd-tech&m=165274831829349&w=2
ok deraadt@ kettenis@ mpi@
Diffstat (limited to 'gnu')
0 files changed, 0 insertions, 0 deletions