Fix the race of dereferencing /proc/<pid>/file with execve(2) by caching
the value of p_textvp. This way, we always unlock the locked vnode.
While there, vhold() the vnode around the vn_lock().

Reported and tested by:	Guy Helmer (ghelmer palisadesys com)
Approved by:		des (procfs maintainer)
MFC after:		1 week
This commit is contained in:
Konstantin Belousov 2007-02-07 10:30:49 +00:00
parent e9f995d824
commit a257337698


@ -69,10 +69,18 @@ procfs_doprocfile(PFS_FILL_ARGS)
{
char *fullpath = "unknown";
char *freepath = NULL;
struct vnode *textvp;
int err;
vn_lock(p->p_textvp, LK_EXCLUSIVE | LK_RETRY, td);
vn_fullpath(td, p->p_textvp, &fullpath, &freepath);
VOP_UNLOCK(p->p_textvp, 0, td);
textvp = p->p_textvp;
VI_LOCK(textvp);
vholdl(textvp);
err = vn_lock(textvp, LK_EXCLUSIVE | LK_INTERLOCK, td);
vdrop(textvp);
if (err)
return (err);
vn_fullpath(td, textvp, &fullpath, &freepath);
VOP_UNLOCK(textvp, 0, td);
sbuf_printf(sb, "%s", fullpath);
if (freepath)
free(freepath, M_TEMP);
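Review bot: The hold taken with vholdl() is released by vdrop(textvp) right after vn_lock() returns, before vn_fullpath() and VOP_UNLOCK() actually use the vnode; this is only safe because holding the vnode lock itself prevents the vnode from being reclaimed, and that reasoning deserves a one-line comment above the vdrop(), or else move the vdrop() to after VOP_UNLOCK(textvp, 0, td) so the hold visibly spans every use. The snapshot `textvp = p->p_textvp;` is what closes the unlock mismatch described in the commit message (execve(2) can replace p_textvp between the old vn_lock() and VOP_UNLOCK() on p->p_textvp), so a short comment there would help the next reader, and since LK_RETRY was dropped from the vn_lock() flags the new `if (err) return (err);` is needed to cover the case where the lock is refused; note too that the snapshot is still dereferenced without a NULL check, as before, so it is worth confirming this path is never reached for a process without a text vnode.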