freebsd-src/sys/kern
Christian S.J. Peron 68ff2a4397 Improve the MP safeness associated with the creation of symbolic
links and the execution of ELF binaries. Two problems were found:

1) The link path wasn't tagged as being MP safe and thus was not properly
   protected.
2) The ELF interpreter vnode wasn't being locked in namei(9) and thus was
   insufficiently protected.

This commit makes the following changes:

-Sets the MPSAFE flag in NDINIT for symbolic link paths
-Sets the MPSAFE flag in NDINIT and introduces a vfslocked variable which
 will be used to instruct VFS_UNLOCK_GIANT to unlock Giant if it has been
 picked up.
-Drop in an assertion into vfs_lookup which ensures that if the MPSAFE
 flag is NOT set, that we have picked up Giant. If not, panic (if WITNESS
 compiled into the kernel). This should help us find conditions where vnode
 operations are insufficiently protected.

This is a RELENG_6 candidate.

Discussed with:	jeff
MFC after:	4 days
2005-09-15 15:03:48 +00:00
bus_if.m
clock_if.m
cpufreq_if.m
device_if.m
genassym.sh
imgact_aout.c
imgact_elf.c Improve the MP safeness associated with the creation of symbolic 2005-09-15 15:03:48 +00:00
imgact_elf32.c
imgact_elf64.c
imgact_gzip.c
imgact_shell.c Fix a panic which could occur parsing #!-lines in a shell-script. If the 2005-06-19 02:21:03 +00:00
inflate.c
init_main.c Fix system shutdown timeout handling by again supporting longer running 2005-09-15 13:16:07 +00:00
init_sysent.c Regen. 2005-07-08 15:06:58 +00:00
kern_acct.c
kern_acl.c Convert the primary ACL allocator from malloc(9) to using a UMA zone instead. 2005-09-06 00:06:30 +00:00
kern_alq.c
kern_clock.c Use SCTL_MASK32 to determine that the sysctl call is from a 32bit 2005-06-30 17:17:29 +00:00
kern_condvar.c
kern_conf.c Retire unused dev_named() function. 2005-09-15 08:01:57 +00:00
kern_context.c
kern_cpu.c Break out the checks for duplicates and absolute settings being too high 2005-09-02 16:32:43 +00:00
kern_descrip.c Two minor optimizations of fdalloc(): 2005-08-26 11:16:39 +00:00
kern_environment.c Add bounds checking to the setenv part of the kernel environment. 2005-07-31 10:28:35 +00:00
kern_event.c Fix the recent panics/LORs/hangs created by my kqueue commit by: 2005-07-01 16:28:32 +00:00
kern_exec.c MFP4: 2005-06-30 19:01:26 +00:00
kern_exit.c Add witness warnings to panic if a thread tries to exit while holding any 2005-09-02 20:20:01 +00:00
kern_fork.c Fix the recent panics/LORs/hangs created by my kqueue commit by: 2005-07-01 16:28:32 +00:00
kern_idle.c
kern_intr.c Simplify the storming logic and remove a variable as a result. 2005-06-20 19:32:23 +00:00
kern_jail.c Actually only protect mount-point if security.jail.enforce_statfs is set to 2. 2005-06-23 22:13:29 +00:00
kern_kse.c Add witness warnings to panic if a thread tries to exit while holding any 2005-09-02 20:20:01 +00:00
kern_kthread.c
kern_ktr.c - Add curthread to the state that ktr is saving. The extra information is 2005-06-10 23:21:29 +00:00
kern_ktrace.c Close another information leak in ktrace(2): one was able to find active 2005-06-24 12:05:24 +00:00
kern_linker.c Fix panic when module is compiled in and it is loaded from loader.conf. 2005-05-28 23:20:05 +00:00
kern_lock.c Print out a warning and a backtrace if we try to unlock a lockmgr that 2005-09-02 15:56:01 +00:00
kern_lockf.c
kern_mac.c Bump the module versions of the MAC Framework and MAC policy modules 2005-07-14 10:46:03 +00:00
kern_malloc.c Long overdue, keep up with mbuf.h,v 1.148. 2005-08-02 20:03:23 +00:00
kern_mbuf.c Define four constants, MBUF_{,MEM,CLUSTER,PACKET,TAG}_MEM_NAME, which 2005-07-17 14:04:03 +00:00
kern_mib.c mp_ncpus is always (properly) initialized, even on UP kernels, so just use it. 2005-08-21 18:03:31 +00:00
kern_module.c
kern_mtxpool.c
kern_mutex.c - Add an assertion to panic if one tries to call mtx_trylock() on a spin 2005-09-02 20:21:49 +00:00
kern_ntptime.c Explicitly acquire Giant around the ntp_gettime() and assert it in the 2005-05-28 14:34:41 +00:00
kern_physio.c
kern_pmc.c Fail the module loading process if the currently executing kernel 2005-07-30 09:02:42 +00:00
kern_poll.c Document flags of a pollrec. 2005-09-06 11:09:18 +00:00
kern_proc.c
kern_prot.c
kern_resource.c Giant is no longer required in kern_setrlimit(); remove its acquisition and 2005-06-01 17:52:51 +00:00
kern_sema.c
kern_shutdown.c Add a new struct buf flag bit, B_PERSISTENT, and use it to tag 2005-09-08 06:30:05 +00:00
kern_sig.c Fix a bug relevant to debugging, a masked signal unexpectedly interrupts 2005-06-06 05:13:10 +00:00
kern_subr.c
kern_switch.c In adjustrunqueue(), add code to handle thread migrating case for 2005-08-03 01:23:45 +00:00
kern_sx.c
kern_synch.c Use low level constructs borrowed from interrupt threads to wait for 2005-05-23 23:01:53 +00:00
kern_syscalls.c
kern_sysctl.c Drop in a WITNESS_WARN into SYSCTL_IN to make sure that we are 2005-08-08 21:06:42 +00:00
kern_tc.c Forward declaring static variables as extern is invalid ISO-C. Now that 2005-09-07 10:06:14 +00:00
kern_thr.c Validate if the value written into {FS,GS}.base is a canonical 2005-07-10 23:31:11 +00:00
kern_thread.c Remove sleep queue hack, it is no longer needed with current sleep queue. 2005-05-27 04:27:22 +00:00
kern_time.c
kern_timeout.c Make callout_reset() return a non-zero value if a pending callout 2005-09-08 14:20:39 +00:00
kern_umtx.c
kern_uuid.c
kern_xxx.c
ksched.c
link_elf.c Correctly handle vm_map_wire()'s failure. (See also revisions 1.81 and 2005-08-28 04:50:11 +00:00
link_elf_obj.c Handle vm_map_wire()'s failure. 2005-08-28 05:38:40 +00:00
linker_if.m
Make.tags.inc
Makefile Add a 'sysent' target that depends on the various files built from 2005-07-13 20:50:17 +00:00
makesyscalls.sh Introduce a new field in the syscalls.master file format to hold the 2005-05-30 15:09:18 +00:00
md4c.c
md5c.c
p1003_1b.c
posix4_mib.c
sched_4bsd.c Move HWPMC_HOOKS into its own opt_hwpmc_hooks.h file. It doesn't merit 2005-06-24 00:16:57 +00:00
sched_ule.c Move up code for testing KEF_HOLD to avoid ke_cpu being changed unexpectedly 2005-08-19 11:51:41 +00:00
subr_acl_posix1e.c Convert the primary ACL allocator from malloc(9) to using a UMA zone instead. 2005-09-06 00:06:30 +00:00
subr_autoconf.c
subr_blist.c
subr_bus.c Simplify the code a bit after the bzero(). 2005-06-09 05:50:01 +00:00
subr_clist.c
subr_clock.c
subr_devstat.c
subr_disk.c - Fix insertions of bios which represent data earlier than anything else 2005-06-15 23:32:07 +00:00
subr_eventhandler.c
subr_hints.c The resource_xxx routines in subr_hints.c are called before and after the 2005-07-31 10:46:55 +00:00
subr_kdb.c Move the KDB_STOP_NMI option from opt_global.h to opt_kdb.h 2005-06-29 23:23:16 +00:00
subr_kobj.c Export a routine, kobj_machdep_init(), that allows platforms 2005-08-07 02:20:35 +00:00
subr_log.c
subr_mbpool.c
subr_mchain.c Change API of mb_copy_t in libmchain so that netsmb can handle 2005-07-29 13:22:37 +00:00
subr_module.c
subr_msgbuf.c
subr_param.c
subr_pcpu.c
subr_power.c
subr_prf.c When padding with zero, do pad after prefixes rather than padding 2005-09-04 18:03:45 +00:00
subr_prof.c
subr_rman.c
subr_rtc.c
subr_sbuf.c
subr_scanf.c
subr_sleepqueue.c Remove thread_upcall_check, it was used to avoid race bug in earlier 2005-05-27 15:57:27 +00:00
subr_smp.c Second part of commit for moving KDB_STOP_NMI from opt_global.h to 2005-06-30 03:38:10 +00:00
subr_stack.c Add 'depth' argument to CTRSTACK() macro, which allows to reduce number 2005-08-29 11:34:08 +00:00
subr_taskqueue.c
subr_trap.c
subr_turnstile.c
subr_unit.c
subr_witness.c Relocate witness_levelall(), witness_leveldescendents(), and 2005-09-11 07:57:06 +00:00
sys_generic.c - Add two new system calls: preadv() and pwritev() which are like readv() 2005-07-07 18:17:55 +00:00
sys_pipe.c Fix the recent panics/LORs/hangs created by my kqueue commit by: 2005-07-01 16:28:32 +00:00
sys_process.c Fix a LOR between sched_lock and sleep queue lock. 2005-08-19 13:35:34 +00:00
sys_socket.c
syscalls.c Regen. 2005-07-08 15:06:58 +00:00
syscalls.master Mark second instance of lchown() MP safe just like the first. 2005-07-08 15:01:13 +00:00
sysv_ipc.c
sysv_msg.c
sysv_sem.c Gratuitous renaming of four System V Semaphore MAC Framework entry 2005-06-07 05:03:28 +00:00
sysv_shm.c Change the data type of the upper shared memory limits from a signed 2005-08-06 07:20:18 +00:00
tty.c Fix the recent panics/LORs/hangs created by my kqueue commit by: 2005-07-01 16:28:32 +00:00
tty_compat.c
tty_conf.c
tty_cons.c
tty_pty.c Merge the dev_clone and dev_clone_cred event handlers into a single 2005-08-08 19:55:32 +00:00
tty_subr.c
tty_tty.c Merge the dev_clone and dev_clone_cred event handlers into a single 2005-08-08 19:55:32 +00:00
uipc_accf.c o setsockopt(2) cannot remove accept filter. [1] 2005-06-11 11:59:48 +00:00
uipc_cow.c Allow sends sent from non page-aligned userspace addresses to be 2005-06-05 17:13:23 +00:00
uipc_domain.c
uipc_mbuf.c Changes and cleanups to m_sanity(): 2005-08-30 21:31:42 +00:00
uipc_mbuf2.c Define four constants, MBUF_{,MEM,CLUSTER,PACKET,TAG}_MEM_NAME, which 2005-07-17 14:04:03 +00:00
uipc_proto.c
uipc_sem.c In sem_forkhook(), don't attempt to generate a copy of the process semaphore 2005-06-08 07:29:22 +00:00
uipc_sockbuf.c Fix the recent panics/LORs/hangs created by my kqueue commit by: 2005-07-01 16:28:32 +00:00
uipc_socket.c Backout rev. 1.246, it breaks code uses shutdown(2) on non-connected 2005-09-15 13:18:05 +00:00
uipc_socket2.c Fix the recent panics/LORs/hangs created by my kqueue commit by: 2005-07-01 16:28:32 +00:00
uipc_syscalls.c Add MAC Framework and MAC policy entry point mac_check_socket_create(), 2005-07-05 22:49:10 +00:00
uipc_usrreq.c
vfs_acl.c Convert the primary ACL allocator from malloc(9) to using a UMA zone instead. 2005-09-06 00:06:30 +00:00
vfs_aio.c Eliminate inconsistency in the setting of the B_DONE flag. Specifically, 2005-07-20 19:06:06 +00:00
vfs_bio.c - Use lockmgr_printinfo rather than rolling our own. This introduces a 2005-08-03 05:02:08 +00:00
vfs_cache.c - Fix a leaked reference to a vnode via v_dd. We rely on cache_purge() and 2005-06-17 01:05:13 +00:00
vfs_cluster.c Do not use vm_pager_init() to initialize vnode_pbuf_freecnt variable. 2005-08-13 20:21:33 +00:00
vfs_default.c In vop_stdpathconf(ap) also default for _PC_NAME_MAX and _PC_PATH_MAX. 2005-08-17 06:59:23 +00:00
vfs_export.c Handle theoretical case of vfs_export being called with both MNT_DELEXPORT and 2005-05-11 18:25:42 +00:00
vfs_extattr.c Improve the MP safeness associated with the creation of symbolic 2005-09-15 15:03:48 +00:00
vfs_hash.c Don't retry when vget() returns ENOENT in the nonblocking case due to the 2005-09-12 01:48:57 +00:00
vfs_init.c
vfs_lookup.c Improve the MP safeness associated with the creation of symbolic 2005-09-15 15:03:48 +00:00
vfs_mount.c Don't unbusy the devfs mount in vfs_mountroot_try() as it gets accessed 2005-09-02 13:37:54 +00:00
vfs_subr.c In vfs_kqfilter(), return EINVAL instead of 1 (EPERM) when an unsupported 2005-09-12 19:22:37 +00:00
vfs_syscalls.c Improve the MP safeness associated with the creation of symbolic 2005-09-15 15:03:48 +00:00
vfs_vnops.c - Replace the series of DEBUG_LOCKS hacks which tried to save the vn_lock 2005-08-03 04:48:22 +00:00
vnode_if.src Allow EVFILT_VNODE events to work on every filesystem type, not just 2005-06-09 20:20:31 +00:00