Re: kern/126368: Running ktrace/kdump in jail leads to stale jails
On Thu, Aug 14, 2008 at 08:16:38PM -0400, alexus wrote:
> where can I get latest patch? that I can apply to 7.0-RELEASE-p3 ?
>

Sorry for very late reply, you can grab it from here:
http://student.agh.edu.pl/~frag/kern_ktrace.diff

Thanks,
--
Mateusz Guzik
___
freebsd-jail@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: kern/126368: Running ktrace/kdump in jail leads to stale jails
where can I get latest patch? that I can apply to 7.0-RELEASE-p3 ? 2008/8/9 Mateusz Guzik <[EMAIL PROTECTED]>: > On Fri, Aug 08, 2008 at 06:43:38PM +, Bjoern A. Zeeb wrote: >> >The following reply was made to PR kern/126368; it has been noted by GNATS. >> > >> >From: "Mateusz Guzik" <[EMAIL PROTECTED]> >> >To: [EMAIL PROTECTED] >> >Cc: >> >Subject: Re: kern/126368: Running ktrace/kdump in jail leads to stale jails >> >Date: Fri, 8 Aug 2008 19:30:22 +0200 >> > >> >Err, I made a mistake. crfree() will be called in case of failure >> >(loop starting at line 959), so the following patch should be ok: >> > >> >--- sys/kern/kern_ktrace.c.orig 2008-08-08 16:37:45.0 +0200 >> >+++ sys/kern/kern_ktrace.c 2008-08-08 19:25:16.0 +0200 
>> >@@ -933,12 +933,14 @@ >> > error = VOP_WRITE(vp, &auio, IO_UNIT | IO_APPEND, cred); >> > VOP_UNLOCK(vp, 0, td); >> > vn_finished_write(mp); >> > vrele(vp); >> > VFS_UNLOCK_GIANT(vfslocked); >> >-if (!error) >> >+if (!error) { >> >+crfree(cred); >> > return; >> >+} >> >> that sounds more plausible w/o seeing the surrounding code. I had >> wondered already earlier today when I was pointed at. >> >> I'll look into this. >> > > Sorry for the noise -- the first patch was right. ;) > > ktr_writerequest() is called multiple times and it _always_ calls > crhold(), so crfree() must be called before it returns (even in case of > failure). > > Also, in this function one can find: > > [..] > crhold(cred) > [..] > if (vp == NULL) { >KASSERT(cred == NULL, ("ktr_writerequest: cred != NULL")); >return; > } > > `Normal' kernel might leak credentials in this case, so I believe crfree() > should be added there too. > > Thanks, and again, sorry for the noise. > -- > Mateusz Guzik > > ___ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > > -- http://alexus.org/ ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: kern/126368: Running ktrace/kdump in jail leads to stale jails
On Fri, Aug 08, 2008 at 06:43:38PM +, Bjoern A. Zeeb wrote: > >The following reply was made to PR kern/126368; it has been noted by GNATS. > > > >From: "Mateusz Guzik" <[EMAIL PROTECTED]> > >To: [EMAIL PROTECTED] > >Cc: > >Subject: Re: kern/126368: Running ktrace/kdump in jail leads to stale jails > >Date: Fri, 8 Aug 2008 19:30:22 +0200 > > > >Err, I made a mistake. crfree() will be called in case of failure > >(loop starting at line 959), so the following patch should be ok: > > > >--- sys/kern/kern_ktrace.c.orig 2008-08-08 16:37:45.0 +0200 > >+++ sys/kern/kern_ktrace.c 2008-08-08 19:25:16.0 +0200 > >@@ -933,12 +933,14 @@ > > error = VOP_WRITE(vp, &auio, IO_UNIT | IO_APPEND, cred); > > VOP_UNLOCK(vp, 0, td); > > vn_finished_write(mp); > > vrele(vp); > > VFS_UNLOCK_GIANT(vfslocked); > >-if (!error) > >+if (!error) { > >+crfree(cred); > > return; > >+} > > that sounds more plausible w/o seeing the surrounding code. I had > wondered already earlier today when I was pointed at. > > I'll look into this. > Sorry for the noise -- the first patch was right. ;) ktr_writerequest() is called multiple times and it _always_ calls crhold(), so crfree() must be called before it returns (even in case of failure). Also, in this function one can find: [..] crhold(cred) [..] if (vp == NULL) { KASSERT(cred == NULL, ("ktr_writerequest: cred != NULL")); return; } `Normal' kernel might leak credentials in this case, so I believe crfree() should be added there too. Thanks, and again, sorry for the noise. -- Mateusz Guzik --- sys/kern/kern_ktrace.c.orig 2008-08-08 16:37:45.0 +0200 +++ sys/kern/kern_ktrace.c 2008-08-10 01:42:07.0 +0200 @@ -889,10 +889,12 @@ * request, so just drop it. Make sure the credential and vnode are * in sync: we should have both or neither. */ if (vp == NULL) { KASSERT(cred == NULL, ("ktr_writerequest: cred != NULL")); + if (cred != NULL) + crfree(cred); return; } KASSERT(cred != NULL, ("ktr_writerequest: cred == NULL")); kth = &req->ktr_header; 
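Review bot: In the `vp == NULL` branch the new `if (cred != NULL) crfree(cred);` comes directly after `KASSERT(cred == NULL, ...)`, so the two lines disagree about whether that state can occur. With assertions compiled in, the kernel panics before the release runs; without them, the release only runs in a case the comment above rules out ("we should have both or neither"). Pick one: if a non-NULL cred with a NULL vp is reachable, drop the KASSERT and update the comment; if it is not, the added release is dead code and the fix belongs wherever the two get out of sync.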
@@ -933,10 +935,11 @@ error = VOP_WRITE(vp, &auio, IO_UNIT | IO_APPEND, cred); VOP_UNLOCK(vp, 0, td); vn_finished_write(mp); vrele(vp); VFS_UNLOCK_GIANT(vfslocked); + crfree(cred); if (!error) return; /* * If error encountered, give up tracing on this vnode. We defer * all the vrele()'s on the vnode until after we are finished walking ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"
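Review bot: The unconditional `crfree(cred)` placed before `if (!error)` also runs on the error path, which continues into the code that gives up tracing on this vnode, and none of that code is visible in this hunk. Please confirm that nothing after `if (!error) return;` uses or releases `cred` again (the earlier revision of this patch assumed a crfree() in the loop starting at line 959), and add a one-line comment saying that this release pairs with the crhold() taken earlier in ktr_writerequest().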
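The reference-count reasoning in the message above, as an added userland C model (not FreeBSD kernel code and not part of the original thread). `cred_hold()` and `cred_free()` are hypothetical stand-ins for crhold() and crfree(), and the model assumes that every credential holds a reference on its jail, which is why an unreleased credential leaves the jail behind.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed model: a jail can only go away once its reference count reaches 0. */
struct jail { int refs; };
struct cred { int refs; struct jail *jail; };

static struct cred *cred_new(struct jail *j) {
    struct cred *c = malloc(sizeof(*c));
    if (c == NULL) abort();
    c->refs = 1;
    c->jail = j;
    j->refs++;                      /* assumption: a credential pins its jail */
    return c;
}
static void cred_hold(struct cred *c) { c->refs++; }   /* stand-in for crhold() */
static void cred_free(struct cred *c) {                /* stand-in for crfree() */
    if (--c->refs > 0) return;
    c->jail->refs--;                /* last reference gone: unpin the jail */
    free(c);
}

/* One trace write. 'balanced' selects the patched behaviour: release the
 * reference taken here before either return, success or failure. */
static int write_request(struct cred *c, int write_error, int balanced) {
    cred_hold(c);
    /* ... the record would be written with c here ... */
    if (balanced) cred_free(c);
    if (!write_error) return 0;
    return -1;                      /* caller gives up tracing */
}

/* Jail references left after the traced process exited and the jail was
 * removed. Anything above 0 is a stale jail. */
static int stale_refs_after(int nrequests, int fail_last, int balanced) {
    struct jail j = { 1 };          /* reference held by the running jail */
    struct cred *c = cred_new(&j);  /* credential of the traced process */
    for (int i = 0; i < nrequests; i++)
        write_request(c, fail_last && i == nrequests - 1, balanced);
    cred_free(c);                   /* process exits */
    j.refs--;                       /* jail is removed */
    return j.refs;
}

int main(void) {
    printf("unbalanced: %d stale ref(s)\n", stale_refs_after(3, 1, 0));
    printf("balanced:   %d stale ref(s)\n", stale_refs_after(3, 1, 1));
    return 0;
}
```

A single unbalanced write is enough to keep the jail pinned; the count of leaked credential references grows with every further write, but the jail only needs one to stay stale.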
Re: kern/126368: Running ktrace/kdump in jail leads to stale jails
On Fri, 8 Aug 2008, Mateusz Guzik wrote: The following reply was made to PR kern/126368; it has been noted by GNATS. From: "Mateusz Guzik" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Cc: Subject: Re: kern/126368: Running ktrace/kdump in jail leads to stale jails Date: Fri, 8 Aug 2008 19:30:22 +0200 Err, I made a mistake. crfree() will be called in case of failure (loop starting at line 959), so the following patch should be ok: --- sys/kern/kern_ktrace.c.orig 2008-08-08 16:37:45.0 +0200 +++ sys/kern/kern_ktrace.c 2008-08-08 19:25:16.0 +0200 @@ -933,12 +933,14 @@ error = VOP_WRITE(vp, &auio, IO_UNIT | IO_APPEND, cred); VOP_UNLOCK(vp, 0, td); vn_finished_write(mp); vrele(vp); VFS_UNLOCK_GIANT(vfslocked); - if (!error) + if (!error) { + crfree(cred); return; + } that sounds more plausible w/o seeing the surrounding code. I had wondered already earlier today when I was pointed at. I'll look into this. /* * If error encountered, give up tracing on this vnode. We defer * all the vrele()'s on the vnode until after we are finished walking * the various lists to avoid needlessly holding locks. */ ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Bjoern A. Zeeb Stop bit received. Insert coin for new game. ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: kern/126368: Running ktrace/kdump in jail leads to stale jails
The following reply was made to PR kern/126368; it has been noted by GNATS. From: "Mateusz Guzik" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Cc: Subject: Re: kern/126368: Running ktrace/kdump in jail leads to stale jails Date: Fri, 8 Aug 2008 19:30:22 +0200 Err, I made a mistake. crfree() will be called in case of failure (loop starting at line 959), so the following patch should be ok: --- sys/kern/kern_ktrace.c.orig2008-08-08 16:37:45.0 +0200 +++ sys/kern/kern_ktrace.c 2008-08-08 19:25:16.0 +0200 @@ -933,12 +933,14 @@ error = VOP_WRITE(vp, &auio, IO_UNIT | IO_APPEND, cred); VOP_UNLOCK(vp, 0, td); vn_finished_write(mp); vrele(vp); VFS_UNLOCK_GIANT(vfslocked); - if (!error) + if (!error) { + crfree(cred); return; + } /* * If error encountered, give up tracing on this vnode. We defer * all the vrele()'s on the vnode until after we are finished walking * the various lists to avoid needlessly holding locks. */ ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"
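Review bot: `crfree(cred)` is added only inside the `if (!error)` branch, so on the error path the reference taken in this function has to be released by code outside the hunk (the message points at the loop starting at line 959). If that loop drops a different reference, the one taken here leaks on every failed write. Releasing once, before the `if (!error)` test, would cover both paths and would not need the added braces.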
Re: kern/126368: Running ktrace/kdump in jail leads to stale jails
Synopsis: Running ktrace/kdump in jail leads to stale jails

Responsible-Changed-From-To: freebsd-bugs->freebsd-jail
Responsible-Changed-By: kris
Responsible-Changed-When: Fri Aug 8 15:36:29 UTC 2008
Responsible-Changed-Why:
Looks like a simple patch to review

http://www.freebsd.org/cgi/query-pr.cgi?pr=126368