Cause pfind() not to return processes in the PRS_NEW state. As a result,
threads consuming the result of pfind() will not need to check for a NULL credential pointer or other signs of an incompletely created process. However, this also means that pfind() cannot be used to test for the existence or find such a process. Annotate pfind() to indicate that this is the case. A review of current consumers seems to indicate that this is not a problem for any of them. This closes a number of race conditions that could result in NULL pointer dereferences and related failure modes. Other related races continue to exist, especially during iteration of the allproc list without due caution.

Discussed with: tjr, green
parent f13a7951e1
commit 6cbea71c82
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=133722
@ -242,7 +242,10 @@ inferior(p)
}

/*
* Locate a process by number
* Locate a process by number; return only "live" processes -- i.e., neither
* zombies nor newly born but incompletely initialized processes. By not
* returning processes in the PRS_NEW state, we allow callers to avoid
* testing for that condition to avoid dereferencing p_ucred, et al.
*/
struct proc *
pfind(pid)
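Review bot: the new comment promises that zombies are excluded as well as PRS_NEW processes, but nothing in this diff enforces the zombie half; the only state test added to pfind() is `p->p_state == PRS_NEW`. If the zombie exclusion relies on exited processes having already been removed from PIDHASH elsewhere, say so in the comment (e.g. "zombies are not on the pid hash") so a reader of pfind() does not go looking for a zombie-state check here.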
@ -253,6 +256,10 @@ pfind(pid)
sx_slock(&allproc_lock);
LIST_FOREACH(p, PIDHASH(pid), p_hash)
if (p->p_pid == pid) {
if (p->p_state == PRS_NEW) {
p = NULL;
break;
}
PROC_LOCK(p);
break;
}
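Review bot: the `p->p_state == PRS_NEW` test is made with only the shared allproc_lock held and before PROC_LOCK(p), so it is only race-free if whoever moves a process out of PRS_NEW does so with allproc_lock held exclusively (or the transition is otherwise ordered against this read); a one-line comment above the check naming the lock that protects p_state for this purpose would save the next reader from re-deriving that. Note also that a PRS_NEW hit now yields NULL exactly like a missing pid, which matches the commit message but means callers must not treat a NULL return as proof that the pid is free.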