Re: kern/126368: Running ktrace/kdump in jail leads to stale jails

2008-09-03 Thread Mateusz Guzik
On Thu, Aug 14, 2008 at 08:16:38PM -0400, alexus wrote:
> Where can I get the latest patch that I can apply to 7.0-RELEASE-p3?
> 

Sorry for the very late reply; you can grab it from here:
http://student.agh.edu.pl/~frag/kern_ktrace.diff

Thanks,
--
Mateusz Guzik
___
freebsd-jail@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: kern/126368: Running ktrace/kdump in jail leads to stale jails

2008-08-14 Thread alexus
Where can I get the latest patch that I can apply to 7.0-RELEASE-p3?


2008/8/9 Mateusz Guzik <[EMAIL PROTECTED]>:
> On Fri, Aug 08, 2008 at 06:43:38PM +, Bjoern A. Zeeb wrote:
>> >The following reply was made to PR kern/126368; it has been noted by GNATS.
>> >
>> >From: "Mateusz Guzik" <[EMAIL PROTECTED]>
>> >To: [EMAIL PROTECTED]
>> >Cc:
>> >Subject: Re: kern/126368: Running ktrace/kdump in jail leads to stale jails
>> >Date: Fri, 8 Aug 2008 19:30:22 +0200
>> >
>> >Err, I made a mistake. crfree() will be called in case of failure
>> >(loop starting at line 959), so the following patch should be ok:
>> >
>> >--- sys/kern/kern_ktrace.c.orig  2008-08-08 16:37:45.0 +0200
>> >+++ sys/kern/kern_ktrace.c   2008-08-08 19:25:16.0 +0200
>> >@@ -933,12 +933,14 @@
>> > error = VOP_WRITE(vp, &auio, IO_UNIT | IO_APPEND, cred);
>> > VOP_UNLOCK(vp, 0, td);
>> > vn_finished_write(mp);
>> > vrele(vp);
>> > VFS_UNLOCK_GIANT(vfslocked);
>> >-if (!error)
>> >+if (!error) {
>> >+crfree(cred);
>> > return;
>> >+}
>>
>> that sounds more plausible w/o seeing the surrounding code. I had
>> wondered already earlier today when I was pointed at.
>>
>> I'll look into this.
>>
>
> Sorry for the noise -- the first patch was right. ;)
>
> ktr_writerequest() is called multiple times and it _always_ calls
> crhold(), so crfree() must be called before it returns (even in case of
> failure).
>
> Also, in this function one can find:
>
> [..]
> crhold(cred)
> [..]
> if (vp == NULL) {
>         KASSERT(cred == NULL, ("ktr_writerequest: cred != NULL"));
>         return;
> }
>
> `Normal' kernel might leak credentials in this case, so I believe crfree() 
> should be added there too.
>
> Thanks, and again, sorry for the noise.
> --
> Mateusz Guzik
>



-- 
http://alexus.org/


Re: kern/126368: Running ktrace/kdump in jail leads to stale jails

2008-08-09 Thread Mateusz Guzik
On Fri, Aug 08, 2008 at 06:43:38PM +, Bjoern A. Zeeb wrote:
> >The following reply was made to PR kern/126368; it has been noted by GNATS.
> >
> >From: "Mateusz Guzik" <[EMAIL PROTECTED]>
> >To: [EMAIL PROTECTED]
> >Cc:
> >Subject: Re: kern/126368: Running ktrace/kdump in jail leads to stale jails
> >Date: Fri, 8 Aug 2008 19:30:22 +0200
> >
> >Err, I made a mistake. crfree() will be called in case of failure
> >(loop starting at line 959), so the following patch should be ok:
> >
> >--- sys/kern/kern_ktrace.c.orig  2008-08-08 16:37:45.0 +0200
> >+++ sys/kern/kern_ktrace.c   2008-08-08 19:25:16.0 +0200
> >@@ -933,12 +933,14 @@
> > error = VOP_WRITE(vp, &auio, IO_UNIT | IO_APPEND, cred);
> > VOP_UNLOCK(vp, 0, td);
> > vn_finished_write(mp);
> > vrele(vp);
> > VFS_UNLOCK_GIANT(vfslocked);
> >-if (!error)
> >+if (!error) {
> >+crfree(cred);
> > return;
> >+}
> 
> that sounds more plausible w/o seeing the surrounding code. I had
> wondered already earlier today when I was pointed at.
> 
> I'll look into this.
> 

Sorry for the noise -- the first patch was right. ;)

ktr_writerequest() is called multiple times and it _always_ calls
crhold(), so crfree() must be called before it returns (even in case of
failure).

Also, in this function one can find:

[..]
crhold(cred)
[..]
if (vp == NULL) {
        KASSERT(cred == NULL, ("ktr_writerequest: cred != NULL"));
        return;
}

`Normal' kernel might leak credentials in this case, so I believe crfree() 
should be added there too.

Thanks, and again, sorry for the noise.
--
Mateusz Guzik
--- sys/kern/kern_ktrace.c.orig	2008-08-08 16:37:45.0 +0200
+++ sys/kern/kern_ktrace.c	2008-08-10 01:42:07.0 +0200
@@ -889,10 +889,12 @@
 	 * request, so just drop it.  Make sure the credential and vnode are
 	 * in sync: we should have both or neither.
 	 */
 	if (vp == NULL) {
 		KASSERT(cred == NULL, ("ktr_writerequest: cred != NULL"));
+		if (cred != NULL)
+			crfree(cred);
 		return;
 	}
 	KASSERT(cred != NULL, ("ktr_writerequest: cred == NULL"));
 
 	kth = &req->ktr_header;
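Review bot: In the `vp == NULL` branch, the added `if (cred != NULL) crfree(cred);` sits after `KASSERT(cred == NULL, ...)`, so a kernel built with assertions enabled panics before the release can run, and only kernels without them ever reach the new lines. The comment above the branch says the credential and vnode should be in sync ("both or neither"), so the branch now handles a state the assertion declares impossible. Either extend that comment to say how cred can be non-NULL here, or drop one of the two checks. The call that takes the hold being released is outside this hunk, so the commit message should name it.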
@@ -933,10 +935,11 @@
 		error = VOP_WRITE(vp, &auio, IO_UNIT | IO_APPEND, cred);
 	VOP_UNLOCK(vp, 0, td);
 	vn_finished_write(mp);
 	vrele(vp);
 	VFS_UNLOCK_GIANT(vfslocked);
+	crfree(cred);
 	if (!error)
 		return;
 	/*
 	 * If error encountered, give up tracing on this vnode.  We defer
 	 * all the vrele()'s on the vnode until after we are finished walking
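Review bot: The unconditional `crfree(cred)` placed before `if (!error)` needs to be checked against the error path that follows, which this hunk cuts off after the first lines of the comment. An earlier message in this thread says crfree() is called in the loop starting at line 959; please confirm that loop drops other references and not the hold released here, otherwise the error path releases it twice. The placement itself is fine with respect to use, since the last visible use of cred is the `VOP_WRITE()` call above it. A short comment stating which hold this release pairs with would make the balance auditable.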

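A userland model of the hold/release imbalance described in the message above, added here as an illustration; it is not code from the thread or from FreeBSD. `struct prison`, `struct ucred`, the two `writerequest_*` functions and `jail_refs_after` are simplified stand-ins, and the model assumes that dropping the last credential reference also drops that credential's hold on its jail.

```c
#include <stdio.h>

/* Simplified stand-ins (assumptions), not FreeBSD's real structures. */
struct prison { int pr_ref; };                /* jail lives while pr_ref > 0 */
struct ucred  { int cr_ref; struct prison *cr_prison; };

static void crhold(struct ucred *cr) { cr->cr_ref++; }

/* Assumption modelled here: the last credential release drops the jail hold. */
static void crfree(struct ucred *cr) {
    if (--cr->cr_ref == 0)
        cr->cr_prison->pr_ref--;
}

/* Unbalanced: takes a hold for the write and returns without dropping it. */
static void writerequest_leaky(struct ucred *cred, int error) {
    crhold(cred);
    (void)error;        /* neither the success nor the failure path releases */
}

/* Balanced: the hold is dropped after the write, before the error test. */
static void writerequest_fixed(struct ucred *cred, int error) {
    crhold(cred);
    crfree(cred);
    if (!error)
        return;
    /* giving up tracing on the vnode would happen here */
}

/* Emit nrecords trace records, then let the traced process exit.
 * Returns the jail's remaining reference count; 0 means it can go away. */
static int jail_refs_after(void (*writer)(struct ucred *, int),
                           int nrecords, int error) {
    struct prison pr = { 1 };         /* one hold, owned by the credential */
    struct ucred cred = { 1, &pr };   /* one hold, owned by the process */

    for (int i = 0; i < nrecords; i++)
        writer(&cred, error);
    crfree(&cred);                    /* process exit drops its reference */
    return pr.pr_ref;
}

int main(void) {
    printf("leaky: jail refs = %d\n", jail_refs_after(writerequest_leaky, 3, 0));
    printf("fixed: jail refs = %d\n", jail_refs_after(writerequest_fixed, 3, 0));
    return 0;
}
```

With the unbalanced writer, a single trace record is enough to keep the credential count above zero after the process exits, so the modelled jail never loses its last reference.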

Re: kern/126368: Running ktrace/kdump in jail leads to stale jails

2008-08-08 Thread Bjoern A. Zeeb

On Fri, 8 Aug 2008, Mateusz Guzik wrote:


The following reply was made to PR kern/126368; it has been noted by GNATS.

From: "Mateusz Guzik" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Cc:
Subject: Re: kern/126368: Running ktrace/kdump in jail leads to stale jails
Date: Fri, 8 Aug 2008 19:30:22 +0200

Err, I made a mistake. crfree() will be called in case of failure
(loop starting at line 959), so the following patch should be ok:

--- sys/kern/kern_ktrace.c.orig 2008-08-08 16:37:45.0 +0200
+++ sys/kern/kern_ktrace.c  2008-08-08 19:25:16.0 +0200
@@ -933,12 +933,14 @@
error = VOP_WRITE(vp, &auio, IO_UNIT | IO_APPEND, cred);
VOP_UNLOCK(vp, 0, td);
vn_finished_write(mp);
vrele(vp);
VFS_UNLOCK_GIANT(vfslocked);
-   if (!error)
+   if (!error) {
+   crfree(cred);
return;
+   }


that sounds more plausible w/o seeing the surrounding code. I had
wondered already earlier today when I was pointed at.

I'll look into this.



/*
 * If error encountered, give up tracing on this vnode.  We defer
 * all the vrele()'s on the vnode until after we are finished walking
 * the various lists to avoid needlessly holding locks.
 */



--
Bjoern A. Zeeb  Stop bit received. Insert coin for new game.


Re: kern/126368: Running ktrace/kdump in jail leads to stale jails

2008-08-08 Thread Mateusz Guzik
The following reply was made to PR kern/126368; it has been noted by GNATS.

From: "Mateusz Guzik" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Cc:  
Subject: Re: kern/126368: Running ktrace/kdump in jail leads to stale jails
Date: Fri, 8 Aug 2008 19:30:22 +0200

 Err, I made a mistake. crfree() will be called in case of failure
 (loop starting at line 959), so the following patch should be ok:
 
 --- sys/kern/kern_ktrace.c.orig2008-08-08 16:37:45.0 +0200
 +++ sys/kern/kern_ktrace.c 2008-08-08 19:25:16.0 +0200
 @@ -933,12 +933,14 @@
error = VOP_WRITE(vp, &auio, IO_UNIT | IO_APPEND, cred);
VOP_UNLOCK(vp, 0, td);
vn_finished_write(mp);
vrele(vp);
VFS_UNLOCK_GIANT(vfslocked);
 -  if (!error)
 +  if (!error) {
 +  crfree(cred);
return;
 +  }
/*
 * If error encountered, give up tracing on this vnode.  We defer
 * all the vrele()'s on the vnode until after we are finished walking
 * the various lists to avoid needlessly holding locks.
 */
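Review bot: The `crfree(cred)` added inside the new `if (!error) { ... }` block covers only the success return. On error the function falls through to the "give up tracing on this vnode" code, and whether the hold is dropped there depends on lines past this hunk (the message cites the loop starting at line 959). Releasing once, right after `VFS_UNLOCK_GIANT(vfslocked)` and before the test, would cover both paths without relying on that loop.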


Re: kern/126368: Running ktrace/kdump in jail leads to stale jails

2008-08-08 Thread kris
Synopsis: Running ktrace/kdump in jail leads to stale jails

Responsible-Changed-From-To: freebsd-bugs->freebsd-jail
Responsible-Changed-By: kris
Responsible-Changed-When: Fri Aug 8 15:36:29 UTC 2008
Responsible-Changed-Why: 
Looks like a simple patch to review

http://www.freebsd.org/cgi/query-pr.cgi?pr=126368