freebsd-nq/sys/kern
Konstantin Belousov 9e590ff04b When filt_proc() removes event from the knlist due to the process
exiting (NOTE_EXIT->knlist_remove_inevent()), two things happen:
- knote kn_knlist pointer is reset
- INFLUX knote is removed from the process knlist.
And, there are two consequences:
- KN_LIST_UNLOCK() on such knote is nop
- there is nothing which would block exit1() from processing past the
  knlist_destroy() (and knlist_destroy() resets knlist lock pointers).
Both consequences result either in leaked process lock, or
dereferencing NULL function pointers for locking.

Handle this by stopping embedding the process knlist into struct proc.
Instead, the knlist is allocated together with struct proc, but marked
as autodestroy on the zombie reap, by knlist_detach() function.  The
knlist is freed when last kevent is removed from the list, in
particular, at the zombie reap time if the list is empty.  As result,
the knlist_remove_inevent() is no longer needed and removed.

Other changes:

In filt_procattach(), clear NOTE_EXEC and NOTE_FORK desired events
from kn_sfflags for knote registered by kernel to only get NOTE_CHILD
notifications.  The flags leak resulted in excessive
NOTE_EXEC/NOTE_FORK reports.

Fix immediate note activation in filt_procattach().  Condition should
be either the immediate CHILD_NOTE activation, or immediate NOTE_EXIT
report for the exiting process.

In knote_fork(), do not perform racy check for KN_INFLUX before kq
lock is taken.  Besides being racy, it did not accounted for notes
just added by scan (KN_SCAN).

Some minor and incomplete style fixes.

Analyzed and tested by:	Eric Badger <eric@badgerio.us>
Reviewed by:	jhb
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Approved by:	re (gjb)
Differential revision:	https://reviews.freebsd.org/D6859
2016-06-27 21:52:17 +00:00
..
bus_if.m (1) Add a new bus method to get a mapping data for an interrupt. 2016-06-05 16:07:57 +00:00
capabilities.conf Add futimens and utimensat system calls. 2015-01-23 21:07:08 +00:00
clock_if.m
cpufreq_if.m
device_if.m Import the 'iflib' API library for network drivers. From the author: 2016-05-18 04:35:58 +00:00
genassym.sh genassym.sh: call nm(1) with NMFLAGS. 2015-08-14 22:57:13 +00:00
imgact_aout.c Implement vsyscall hack. Prior to 2.13 glibc uses vsyscall 2016-01-09 20:18:53 +00:00
imgact_binmisc.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
imgact_elf32.c
imgact_elf64.c
imgact_elf.c Include machine/acle-compat.h in cdefs.h on arm if the compiler doesn't 2016-05-25 19:44:26 +00:00
imgact_gzip.c Implement lockless resource limits. 2015-06-10 10:48:12 +00:00
imgact_shell.c
inflate.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
init_main.c When filt_proc() removes event from the knlist due to the process 2016-06-27 21:52:17 +00:00
init_sysent.c Generate syscall tables and update pipe() implementation after r302094. 2016-06-22 21:18:19 +00:00
kern_acct.c
kern_alq.c Use SI_SUB_LAST instead of SI_SUB_SMP as the "catch-all" subsystem. 2016-03-11 23:18:06 +00:00
kern_clock.c Do not acquire the thread lock in hardclock_cnt() unless needed. 2016-05-18 03:55:54 +00:00
kern_clocksource.c Add an EARLY_AP_STARTUP option to start APs earlier during boot. 2016-05-14 18:22:52 +00:00
kern_condvar.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
kern_conf.c Provide yet another KPI for cdev creation, make_dev_s(9). 2016-01-07 20:08:02 +00:00
kern_cons.c CALLOUT_MPSAFE has lost its meaning since r141428, i.e., for more than ten 2015-05-22 17:05:21 +00:00
kern_context.c
kern_cpu.c Add an EARLY_AP_STARTUP option to start APs earlier during boot. 2016-05-14 18:22:52 +00:00
kern_cpuset.c Add more fine-grained kernel options for NUMA support. 2016-04-09 13:58:04 +00:00
kern_ctf.c Don't specify a resid parameter if we're just going to ignore it. Instead, 2015-02-20 20:49:00 +00:00
kern_descrip.c fd: provide a common exit point for unlock in kern_dup 2016-05-27 17:00:15 +00:00
kern_dtrace.c
kern_dump.c kernel: use our nitems() macro when it is available through param.h. 2016-04-19 23:48:27 +00:00
kern_environment.c Create wrappers for uint64_t and int64_t for the tunables. While not 2016-04-15 03:09:55 +00:00
kern_et.c Trivial change / forced-commit to document prior change that slipped in 2015-03-16 19:29:19 +00:00
kern_event.c When filt_proc() removes event from the knlist due to the process 2016-06-27 21:52:17 +00:00
kern_exec.c When filt_proc() removes event from the knlist due to the process 2016-06-27 21:52:17 +00:00
kern_exit.c When filt_proc() removes event from the knlist due to the process 2016-06-27 21:52:17 +00:00
kern_fail.c Fix some cosmetic issues in kern_fail.c omitted from r296927. 2016-06-09 13:17:08 +00:00
kern_ffclock.c kernel: use our nitems() macro when it is available through param.h. 2016-04-19 23:48:27 +00:00
kern_fork.c When filt_proc() removes event from the knlist due to the process 2016-06-27 21:52:17 +00:00
kern_gzio.c Move zlib.c from net to libkern. 2015-04-22 14:38:58 +00:00
kern_hhook.c Get closer to a VIMAGE network stack teardown from top to bottom rather 2016-06-21 13:48:49 +00:00
kern_idle.c
kern_intr.c The part of r285680 which removed release semantic for two stores to 2015-07-21 14:39:34 +00:00
kern_jail.c Fix a vnode leak when giving a child jail a too-long path when 2016-06-09 21:59:11 +00:00
kern_khelp.c
kern_kthread.c Update comments for the MD functions managing contexts for new 2016-06-16 12:05:44 +00:00
kern_ktr.c Fix the logic in the ddb command 'show ktr /a'. Prior to r118269 it would 2016-01-31 17:32:20 +00:00
kern_ktrace.c kernel: use our nitems() macro when it is available through param.h. 2016-04-19 23:48:27 +00:00
kern_linker.c Add DDB command "kldstat" 2016-06-09 18:27:41 +00:00
kern_lock.c Microoptimize locking primitives by avoiding unnecessary atomic ops. 2016-06-01 18:32:20 +00:00
kern_lockf.c When sleeping waiting for either local or remote advisory lock, 2016-06-26 20:08:42 +00:00
kern_lockstat.c Consistently use a reader/writer flag for lockstat probes in rwlock(9) and 2015-07-19 22:24:33 +00:00
kern_loginclass.c Speed up rctl operation with large rulesets, by holding the lock 2015-11-15 12:10:51 +00:00
kern_malloc.c Move IPv6 malloc tag definitions into the IPv6 code. 2016-05-20 04:45:08 +00:00
kern_mbuf.c Import the 'iflib' API library for network drivers. From the author: 2016-05-18 04:35:58 +00:00
kern_mib.c Fix build after r295934. 2016-02-23 23:37:10 +00:00
kern_module.c Provide better debug message on kernel module name clash. 2015-10-10 09:21:55 +00:00
kern_mtxpool.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
kern_mutex.c Microoptimize locking primitives by avoiding unnecessary atomic ops. 2016-06-01 18:32:20 +00:00
kern_ntptime.c Use the monotonic (uptime) counter rather than time-of-day to measure elapsed 2015-07-12 18:38:17 +00:00
kern_numa.c Add an initial NUMA affinity/policy configuration for threads and processes. 2015-07-11 15:21:37 +00:00
kern_osd.c osd(9): Change array pointer to array pointer type from void* 2016-04-26 19:57:35 +00:00
kern_physio.c Add four new RCTL resources - readbps, readiops, writebps and writeiops, 2016-04-07 04:23:25 +00:00
kern_pmc.c
kern_poll.c When a kernel has DEVICE_POLLING turned on but no drivers have 2015-04-14 14:22:34 +00:00
kern_priv.c
kern_proc.c Get rid of struct proc p_sched and struct thread td_sched pointers. 2016-06-05 17:04:03 +00:00
kern_procctl.c If process becomes reaper (procctl(PROC_REAP_ACQUIRE)) while already 2015-08-20 22:44:26 +00:00
kern_prot.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
kern_racct.c Get rid of rctl_lock; use racct_lock where appropriate. The fast paths 2016-04-21 16:22:52 +00:00
kern_rangelock.c
kern_rctl.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
kern_resource.c Implement process-shared locks support for libthr.so.3, without 2016-02-28 17:52:33 +00:00
kern_rmlock.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
kern_rwlock.c Microoptimize locking primitives by avoiding unnecessary atomic ops. 2016-06-01 18:32:20 +00:00
kern_sdt.c
kern_sema.c
kern_sendfile.c The sendfile(2) allows to send extra data from userspace before the file 2016-03-29 19:57:11 +00:00
kern_sharedpage.c Split kerne timekeep ABI structure vdso_sv_tk out of the struct 2015-11-23 07:09:35 +00:00
kern_shutdown.c Implement a show panic command to DDB which will helpfully print the 2016-06-06 20:57:24 +00:00
kern_sig.c When filt_proc() removes event from the knlist due to the process 2016-06-27 21:52:17 +00:00
kern_switch.c Revert for r277213: 2015-01-22 11:12:42 +00:00
kern_sx.c Microoptimize locking primitives by avoiding unnecessary atomic ops. 2016-06-01 18:32:20 +00:00
kern_synch.c Get rid of struct proc p_sched and struct thread td_sched pointers. 2016-06-05 17:04:03 +00:00
kern_syscalls.c Implement lockless resource limits. 2015-06-10 10:48:12 +00:00
kern_sysctl.c Add support for boolean sysctl's. 2016-05-26 08:41:55 +00:00
kern_tc.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
kern_thr.c Do not clear robust lists pointers on fork. The forked child thread 2016-06-25 11:31:25 +00:00
kern_thread.c Rewrite sigdeferstop(9) and sigallowstop(9) into more flexible 2016-06-26 20:07:24 +00:00
kern_time.c sys: extend use of the howmany() macro when available. 2016-04-26 15:38:17 +00:00
kern_timeout.c Implement a show panic command to DDB which will helpfully print the 2016-06-06 20:57:24 +00:00
kern_umtx.c Add implementation of robust mutexes, hopefully close enough to the 2016-05-17 09:56:22 +00:00
kern_uuid.c
kern_xxx.c
ksched.c Use P1B_PRIO_MAX to designate max posix priority for the RR/FIFO 2015-08-30 18:02:57 +00:00
link_elf_obj.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
link_elf.c kern: for pointers replace 0 with NULL. 2016-04-15 16:10:11 +00:00
linker_if.m sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
Make.tags.inc Bring the tags and links entries for amd64 up to date. 2015-10-27 22:59:24 +00:00
Makefile
makesyscalls.sh Add support for COMPAT10 keywords in syscalls.master. 2016-06-22 21:12:53 +00:00
md4c.c crypto routines: Hint minimum buffer sizes to the compiler 2016-05-26 19:29:29 +00:00
md5c.c crypto routines: Hint minimum buffer sizes to the compiler 2016-05-26 19:29:29 +00:00
msi_if.m Introduce MSI and MSI-X support to intrng. This adds a new msi device 2016-05-16 09:11:40 +00:00
p1003_1b.c In preparation for switching linuxulator to the use the native 1:1 2015-05-24 14:44:06 +00:00
pic_if.m Remove FDT specific parts from INTRNG. Change its interface to make it 2016-04-04 09:15:25 +00:00
posix4_mib.c posix4_mib: Don't overrun facility_initialized array 2016-04-27 00:10:32 +00:00
sched_4bsd.c Get rid of struct proc p_sched and struct thread td_sched pointers. 2016-06-05 17:04:03 +00:00
sched_ule.c Get rid of struct proc p_sched and struct thread td_sched pointers. 2016-06-05 17:04:03 +00:00
serdev_if.m
stack_protector.c Use nitems() macro instead of __arraycount() 2015-06-16 20:19:00 +00:00
subr_acl_nfs4.c Expose an interface to determine if an ACE is inherited. 2015-09-04 00:14:20 +00:00
subr_acl_posix1e.c
subr_autoconf.c
subr_blist.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
subr_bufring.c
subr_bus_dma.c Fix a bug introduced in r291716: 2016-01-11 20:38:39 +00:00
subr_bus.c (1) Add a new bus method to get a mapping data for an interrupt. 2016-06-05 16:07:57 +00:00
subr_busdma_bufalloc.c Fix printf format to allow for bus_size_t not being u_long on all platforms. 2015-10-20 03:25:17 +00:00
subr_capability.c capsicum: plug spurious memset in __cap_rights_init 2015-12-01 02:48:42 +00:00
subr_clock.c For architectures where time_t is wide enough, in particular, 64bit 2014-12-12 09:37:18 +00:00
subr_counter.c Free the temporary buffer in sysctl_handle_counter_u64_array(). 2016-03-15 00:21:32 +00:00
subr_devmap.c Include machine/acle-compat.h in cdefs.h on arm if the compiler doesn't 2016-05-25 19:44:26 +00:00
subr_devstat.c Add support for managing Shingled Magnetic Recording (SMR) drives. 2016-05-19 14:08:36 +00:00
subr_disk.c
subr_dummy_vdso_tc.c Update the vdso timehands only via tc_windup(). 2015-01-20 03:54:30 +00:00
subr_eventhandler.c
subr_fattime.c Where appropriate, use the modern terms for the one true time base 2014-12-21 05:07:11 +00:00
subr_firmware.c Create a dedicated function for ensuring that cdir and rdir are populated. 2015-07-11 16:22:48 +00:00
subr_hash.c kern: Factor out function to convert hash flags to malloc(9) flags 2016-05-04 03:07:52 +00:00
subr_hints.c Add a new device control utility for new-bus devices called devctl. This 2015-02-06 16:09:01 +00:00
subr_intr.c Remove temporary solution for storing interrupt mapping data as 2016-06-07 09:03:27 +00:00
subr_kdb.c Fix multiple incorrect SYSCTL arguments in the kernel: 2014-10-21 07:31:21 +00:00
subr_kobj.c
subr_lock.c Add _NEW flag to mtx(9), sx(9), rmlock(9) and rwlock(9). 2014-12-13 21:00:10 +00:00
subr_log.c
subr_mbpool.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
subr_mchain.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
subr_module.c preload_search_info: make sure mod is set 2015-08-21 15:57:57 +00:00
subr_msgbuf.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
subr_param.c Ensure that maxproc does not exceed pid_max, at the time of boot. 2015-09-21 15:02:59 +00:00
subr_pcpu.c
subr_pctrie.c sys: extend use of the howmany() macro when available. 2016-04-26 15:38:17 +00:00
subr_power.c
subr_prf.c kvprintf: Pad %*c to width, like %*s 2016-06-09 18:24:51 +00:00
subr_prof.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
subr_rman.c Add new bus methods for mapping resources. 2016-05-20 17:57:47 +00:00
subr_rtc.c rtc: fix inverted resolution check 2016-05-04 13:48:59 +00:00
subr_sbuf.c Fail the sbuf if vsnprintf(3) fails. 2015-10-02 09:23:14 +00:00
subr_scanf.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
subr_sfbuf.c
subr_sglist.c Add sglist functions for working with arrays of VM pages. 2016-05-20 23:28:43 +00:00
subr_sleepqueue.c Micro-optimize sleepq_broadcast(). 2016-05-18 03:50:21 +00:00
subr_smp.c topo_set_pu_id: turn a check into an assertion 2016-04-08 11:59:11 +00:00
subr_stack.c Add support for a configurable output channel to witness(4). 2015-11-19 05:56:59 +00:00
subr_syscall.c Support an arbitrary number of arguments to DTrace syscall probes. 2015-12-17 00:00:27 +00:00
subr_taskqueue.c taskqueue: plug a leak in _taskqueue_create 2016-06-02 15:52:34 +00:00
subr_terminal.c vt(4): Adjust the cursor position after changing the window size 2014-11-01 17:05:15 +00:00
subr_trap.c Rewrite sigdeferstop(9) and sigallowstop(9) into more flexible 2016-06-26 20:07:24 +00:00
subr_turnstile.c Finish r173600. There is no need to test a condition if both cases 2016-02-10 21:16:37 +00:00
subr_uio.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
subr_unit.c Fix build of kern/subr_unit.c, broken by r300539 2016-05-24 00:14:58 +00:00
subr_vmem.c subr_vmem: Fix double-free in error case of vmem_create 2016-05-11 23:16:11 +00:00
subr_witness.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
sys_capability.c Introduce kern_cap_rights_limit(). 2015-08-11 08:43:50 +00:00
sys_generic.c Cap IOSIZE_MAX to INT_MAX for 32-bit processes. 2016-04-01 18:29:38 +00:00
sys_pipe.c Generate syscall tables and update pipe() implementation after r302094. 2016-06-22 21:18:19 +00:00
sys_procdesc.c Introduce the PD_CLOEXEC for pdfork(2). 2016-06-08 02:09:14 +00:00
sys_process.c Add ptrace(2) reporting for LWP events. 2015-12-29 23:25:26 +00:00
sys_socket.c Account for AIO socket operations in thread/process resource usage. 2016-06-21 22:19:06 +00:00
syscalls.c Generate syscall tables and update pipe() implementation after r302094. 2016-06-22 21:18:19 +00:00
syscalls.master Mark the pipe() system call as COMPAT10. 2016-06-22 21:15:59 +00:00
systrace_args.c Generate syscall tables and update pipe() implementation after r302094. 2016-06-22 21:18:19 +00:00
sysv_ipc.c
sysv_msg.c Remove a comment that was part of copied code, and is misleading in 2016-06-09 15:34:33 +00:00
sysv_sem.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
sysv_shm.c osd(9): Change array pointer to array pointer type from void* 2016-04-26 19:57:35 +00:00
tty_compat.c
tty_info.c
tty_inq.c
tty_outq.c
tty_pts.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
tty_tty.c tty: replace several curthread->td_proc with stored curproc 2015-07-06 18:53:56 +00:00
tty_ttydisc.c Don't clear the software flow control flag before draining for last 2016-01-26 14:46:39 +00:00
tty.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
uipc_accf.c
uipc_debug.c Refactor the AIO subsystem to permit file-type-specific handling and 2016-03-01 18:12:14 +00:00
uipc_domain.c The pr_destroy field does not allow us to run the teardown code in a 2016-06-01 10:14:04 +00:00
uipc_mbuf2.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
uipc_mbuf.c kern: for pointers replace 0 with NULL. 2016-04-15 16:10:11 +00:00
uipc_mbufhash.c Reduce header pollution. 2015-03-17 14:16:50 +00:00
uipc_mqueue.c Use the new PR_METHOD_REMOVE to clean up jail handling in POSIX 2016-04-25 04:36:54 +00:00
uipc_sem.c Clean up some style(9) violations. 2016-04-14 17:07:26 +00:00
uipc_shm.c posixshm: Fix lock leak when mac_posixshm_check_read rejects read. 2016-06-23 20:59:13 +00:00
uipc_sockbuf.c kern: for pointers replace 0 with NULL. 2016-04-15 16:10:11 +00:00
uipc_socket.c Fix typo introduced by me (not the submitter) when fixing typos 2016-05-22 13:10:48 +00:00
uipc_syscalls.c The SA-16:19 wouldn't have happened if the sockargs() had properly typed 2016-05-18 22:05:50 +00:00
uipc_usrreq.c kernel: use our nitems() macro when it is available through param.h. 2016-04-19 23:48:27 +00:00
vfs_acl.c Replace struct filedesc argument in getvnode with struct thread 2015-06-16 13:09:18 +00:00
vfs_aio.c Account for AIO socket operations in thread/process resource usage. 2016-06-21 22:19:06 +00:00
vfs_bio.c sys/kern: spelling fixes. 2016-04-29 21:54:28 +00:00
vfs_cache.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
vfs_cluster.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
vfs_default.c Simplify AIO initialization now that it is standard. 2016-03-09 19:05:11 +00:00
vfs_export.c kern: for pointers replace 0 with NULL. 2016-04-15 16:10:11 +00:00
vfs_extattr.c Replace struct filedesc argument in getvnode with struct thread 2015-06-16 13:09:18 +00:00
vfs_hash.c Add vfs_hash_ref(9) function, which finds a vnode by the hash value 2016-05-11 06:32:22 +00:00
vfs_init.c sysctl: switch sysctllock to a sleepable rmlock, take 2 2015-09-15 23:06:56 +00:00
vfs_lookup.c sys/kern: spelling fixes in comments. 2016-04-29 22:15:33 +00:00
vfs_mount.c Do not assume that we own the use reference on the covered vnode until 2016-06-15 15:56:03 +00:00
vfs_mountroot.c Stop hiding errors that result in failure to mount /dev. Otherwise, 2016-05-12 07:38:10 +00:00
vfs_subr.c Fix typo. Note that atomic is still required even for interlocked case. 2016-06-20 15:45:50 +00:00
vfs_syscalls.c Fix kernel stack disclosures in the Linux and 4.3BSD compat layers. 2016-05-31 16:56:30 +00:00
vfs_vnops.c Ensure that ftruncate(2) is performed synchronously when file is 2016-05-18 12:03:57 +00:00
vnode_if.src Add EVFILT_VNODE open, read and close notifications. 2016-05-03 15:17:43 +00:00