Author: kib Date: Thu Dec 2 12:44:51 2010 New Revision: 216120 URL: http://svn.freebsd.org/changeset/base/216120
Log: For non-stopped threads, td_frame pointer is undefined. As a consequence, fill_regs() and fill_fpregs() access random data, usually on the thread kernel stack. Most often the td_frame points to the previous frame saved by last kernel entry sequence, but this is not guaranteed. For /proc/<pid>/{regs,fpregs} read access, require the thread to be in stopped state. Otherwise, return EBUSY as is done for write case. Reported and tested by: pho Approved by: des (procfs maintainer) MFC after: 1 week Modified: head/sys/fs/procfs/procfs_fpregs.c head/sys/fs/procfs/procfs_regs.c Modified: head/sys/fs/procfs/procfs_fpregs.c ============================================================================== --- head/sys/fs/procfs/procfs_fpregs.c Thu Dec 2 10:46:05 2010 (r216119) +++ head/sys/fs/procfs/procfs_fpregs.c Thu Dec 2 12:44:51 2010 (r216120) @@ -97,6 +97,10 @@ procfs_doprocfpregs(PFS_FILL_ARGS) PROC_UNLOCK(p); return (EPERM); } + if (!P_SHOULDSTOP(p)) { + PROC_UNLOCK(p); + return (EBUSY); + } /* XXXKSE: */ td2 = FIRST_THREAD_IN_PROC(p); Modified: head/sys/fs/procfs/procfs_regs.c ============================================================================== --- head/sys/fs/procfs/procfs_regs.c Thu Dec 2 10:46:05 2010 (r216119) +++ head/sys/fs/procfs/procfs_regs.c Thu Dec 2 12:44:51 2010 (r216120) @@ -97,6 +97,10 @@ procfs_doprocregs(PFS_FILL_ARGS) PROC_UNLOCK(p); return (EPERM); } + if (!P_SHOULDSTOP(p)) { + PROC_UNLOCK(p); + return (EBUSY); + } /* XXXKSE: */ td2 = FIRST_THREAD_IN_PROC(p); _______________________________________________ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
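Review bot: In the procfs_fpregs.c hunk, the new guard is a process-level test, `if (!P_SHOULDSTOP(p))`, while the log message states the requirement on the thread ("require the thread to be in stopped state") and the registers are then taken from `td2 = FIRST_THREAD_IN_PROC(p)` under the still-present `/* XXXKSE: */` marker. It would help to confirm, or record in a comment next to the check, that the process-level condition guarantees a valid td_frame for that particular thread, since reading an undefined td_frame is exactly the kernel-stack disclosure the change is closing; something like `/* td_frame is only valid for a stopped thread; reject otherwise. */` above the new block would document the invariant the check relies on.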
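Review bot: The procfs_regs.c hunk is byte-for-byte the same as the procfs_fpregs.c one (the EPERM check followed by the new `if (!P_SHOULDSTOP(p)) { PROC_UNLOCK(p); return (EBUSY); }`), and the log notes the write path already performs this EBUSY check; that is now the same stopped-state test in several places, so consider factoring it into one shared helper so the read and write paths cannot drift apart again. Since reads of regs and fpregs now fail with EBUSY on a running process, the error should also be documented wherever the procfs regs/fpregs interface describes its return values, if it is not already.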