d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix error handling bug that would prevent MAC structures from getting

Browse Source 
freed properly if resource limit got exceeded.

Approved by:	re (kib)
This commit is contained in:
Edward Tomasz Napierala 2011-09-17 20:48:49 +00:00
parent b38520f09c
commit 1dbf9dcc20
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=225642
1 changed files with 18 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
sys/kern/kern_fork.c
View File

@ -863,11 +863,6 @@ fork1(struct thread *td, int flags, int pages, struct proc **procp,
}
} else
vm2 = NULL;
#ifdef MAC
mac_proc_init(newproc);
#endif
knlist_init_mtx(&newproc->p_klist, &newproc->p_mtx);
STAILQ_INIT(&newproc->p_ktr);
/*
* XXX: This is ugly; when we copy resource usage, we need to bump
@ -884,6 +879,23 @@ fork1(struct thread *td, int flags, int pages, struct proc **procp,
goto fail1;
}
#ifdef RACCT
PROC_LOCK(newproc);
error = racct_add(newproc, RACCT_NPROC, 1);
error += racct_add(newproc, RACCT_NTHR, 1);
PROC_UNLOCK(newproc);
if (error != 0) {
error = EAGAIN;
goto fail1;
}
#endif
#ifdef MAC
mac_proc_init(newproc);
#endif
knlist_init_mtx(&newproc->p_klist, &newproc->p_mtx);
STAILQ_INIT(&newproc->p_ktr);
/* We have to lock the process tree while we look for a pid. */
sx_slock(&proctree_lock);
@ -901,20 +913,6 @@ fork1(struct thread *td, int flags, int pages, struct proc **procp,
goto fail;
}
#ifdef RACCT
/*
* After fork, there is exactly one thread running.
*/
PROC_LOCK(newproc);
error = racct_add(newproc, RACCT_NPROC, 1);
error += racct_add(newproc, RACCT_NTHR, 1);
PROC_UNLOCK(newproc);
if (error != 0) {
error = EAGAIN;
goto fail;
}
#endif
/*
* Increment the count of procs running with this uid. Don't allow
* a nonprivileged user to exceed their current limit.
@ -946,7 +944,6 @@ fork1(struct thread *td, int flags, int pages, struct proc **procp,
error = EAGAIN;
fail:
racct_proc_exit(newproc);
sx_sunlock(&proctree_lock);
if (ppsratecheck(&lastfail, &curfail, 1))
printf("maxproc limit exceeded by uid %i, please see tuning(7) and login.conf(5).\n",
@ -956,6 +953,7 @@ fork1(struct thread *td, int flags, int pages, struct proc **procp,
mac_proc_destroy(newproc);
#endif
fail1:
racct_proc_exit(newproc);
if (vm2 != NULL)
vmspace_free(vm2);
uma_zfree(proc_zone, newproc);