diff options
| author | Philip Guenthe <guenther@cvs.openbsd.org> | 2012-08-23 00:11:57 +0000 |
|---|---|---|
| committer | Philip Guenthe <guenther@cvs.openbsd.org> | 2012-08-23 00:11:57 +0000 |
| commit | 4d568fadae9b32597eb9bfde55896fda18b23d5e (patch) | |
| tree | 3424392a84987afb06ebb27db68eb9227a376998 /sys/kern | |
| parent | 0f00c9bf52870a9dbcbd3d7fcc0b9c42b7b8598e (diff) | |
To protect assumptions inside systrace, don't let systrace fds be
shared between processes.
ok djm@
Diffstat (limited to 'sys/kern')
| -rw-r--r-- | sys/kern/kern_descrip.c | 32 | ||||
| -rw-r--r-- | sys/kern/uipc_usrreq.c | 7 |
2 files changed, 20 insertions, 19 deletions
diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c index bafc9d0e305..457578e9963 100644 --- a/sys/kern/kern_descrip.c +++ b/sys/kern/kern_descrip.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_descrip.c,v 1.98 2012/07/11 23:07:19 guenther Exp $ */ +/* $OpenBSD: kern_descrip.c,v 1.99 2012/08/23 00:11:56 guenther Exp $ */ /* $NetBSD: kern_descrip.c,v 1.42 1996/03/30 22:24:38 christos Exp $ */ /* @@ -970,21 +970,7 @@ fdcopy(struct proc *p) bcopy(fdp->fd_lomap, newfdp->fd_lomap, NDLOSLOTS(i) * sizeof(u_int)); fdpunlock(fdp); - /* - * kq descriptors cannot be copied. - */ fdplock(newfdp); - if (newfdp->fd_knlistsize != -1) { - fpp = newfdp->fd_ofiles; - for (i = 0; i <= newfdp->fd_lastfile; i++, fpp++) - if (*fpp != NULL && (*fpp)->f_type == DTYPE_KQUEUE) - fdremove(newfdp, i); - newfdp->fd_knlist = NULL; - newfdp->fd_knlistsize = -1; - newfdp->fd_knhash = NULL; - newfdp->fd_knhashmask = 0; - } - fpp = newfdp->fd_ofiles; for (i = 0; i <= newfdp->fd_lastfile; i++, fpp++) if (*fpp != NULL) { @@ -992,12 +978,26 @@ fdcopy(struct proc *p) * XXX Gruesome hack. If count gets too high, fail * to copy an fd, since fdcopy()'s callers do not * permit it to indicate failure yet. + * Meanwhile, kqueue and systrace files have to be + * tied to the process that opened them to enforce + * their internal consistency, so close them here. */ - if ((*fpp)->f_count == LONG_MAX-2) + if ((*fpp)->f_count == LONG_MAX-2 || + (*fpp)->f_type == DTYPE_KQUEUE || + (*fpp)->f_type == DTYPE_SYSTRACE) fdremove(newfdp, i); else (*fpp)->f_count++; } + + /* finish cleaning up kq bits */ + if (newfdp->fd_knlistsize != -1) { + newfdp->fd_knlist = NULL; + newfdp->fd_knlistsize = -1; + newfdp->fd_knhash = NULL; + newfdp->fd_knhashmask = 0; + } + fdpunlock(newfdp); return (newfdp); } diff --git a/sys/kern/uipc_usrreq.c b/sys/kern/uipc_usrreq.c index 728ff34305b..6b5ec3ecba9 100644 --- a/sys/kern/uipc_usrreq.c +++ b/sys/kern/uipc_usrreq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uipc_usrreq.c,v 1.66 2012/04/26 17:18:17 matthew Exp $ */ +/* $OpenBSD: uipc_usrreq.c,v 1.67 2012/08/23 00:11:56 guenther Exp $ */ /* $NetBSD: uipc_usrreq.c,v 1.18 1996/02/09 19:00:50 christos Exp $ */ /* @@ -835,8 +835,9 @@ morespace: error = EDEADLK; goto fail; } - /* kq descriptors cannot be copied */ - if (fp->f_type == DTYPE_KQUEUE) { + /* kq and systrace descriptors cannot be copied */ + if (fp->f_type == DTYPE_KQUEUE || + fp->f_type == DTYPE_SYSTRACE) { error = EINVAL; goto fail; } |