d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Move expand_name() after process lock is released.

Browse Source 
This fixed panic where we hold mutex (process lock) and try to obtain sleepable
lock (vnode lock in expand_name()). The panic could occur when %I was used
in kern.corefile.

Additionally we avoid expand_name() overhead when coredumps are disabled.

Obtained from:	WHEEL Systems
This commit is contained in:
Pawel Jakub Dawidek 2012-12-16 14:53:27 +00:00
parent be1bfa99a4
commit dd57ce87eb
1 changed files with 4 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
sys/kern/kern_sig.c
View File

@ -3210,14 +3210,8 @@ coredump(struct thread *td)
MPASS((p->p_flag & P_HADTHREADS) == 0 || p->p_singlethread == td);
_STOPEVENT(p, S_CORE, 0);
name = expand_name(p->p_comm, cred->cr_uid, p->p_pid, td, compress);
if (name == NULL) {
PROC_UNLOCK(p);
return (EINVAL);
}
if (!do_coredump || (!sugid_coredump && (p->p_flag & P_SUGID) != 0)) {
PROC_UNLOCK(p);
free(name, M_TEMP);
return (EFAULT);
}
@ -3232,11 +3226,14 @@ coredump(struct thread *td)
limit = (off_t)lim_cur(p, RLIMIT_CORE);
if (limit == 0 || racct_get_available(p, RACCT_CORE) == 0) {
PROC_UNLOCK(p);
free(name, M_TEMP);
return (EFBIG);
}
PROC_UNLOCK(p);
name = expand_name(p->p_comm, cred->cr_uid, p->p_pid, td, compress);
if (name == NULL)
return (EINVAL);
restart:
NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, name, td);
flags = O_CREAT | FWRITE | O_NOFOLLOW;