Re: Use `ps_mtx' mutex(9) to protect `ps_ucred' and unlock setuid(2), ...
The latest diff iteration after guenther@'s feedback.

- The lock grabbing in ddb(4) is wrong, so don't grab it within db_show_all_procs().
- In dorefreshcreds(), grab the lock only if uc != pr->ps_ucred. Also move crfree() out of the lock.
- In pgsigio(), call CANSIGIO() with the lock held and store the result to a local variable. Don't hold the lock when calling prsignal() because the kernel lock serializes this path.
- In sysctl_file(), don't grab the lock if `arg' < 0.

Index: sys/kern/kern_acct.c === RCS file: /cvs/src/sys/kern/kern_acct.c,v retrieving revision 1.47 diff -u -p -r1.47 kern_acct.c --- sys/kern/kern_acct.c14 Aug 2022 01:58:27 - 1.47 +++ sys/kern/kern_acct.c26 Dec 2022 16:11:43 - @@ -221,8 +221,10 @@ acct_process(struct proc *p) acct.ac_io = encode_comp_t(r->ru_inblock + r->ru_oublock, 0); /* (6) The UID and GID of the process */ + mtx_enter(>ps_mtx); acct.ac_uid = pr->ps_ucred->cr_ruid; acct.ac_gid = pr->ps_ucred->cr_rgid; + mtx_leave(>ps_mtx); /* (7) The terminal from which the process was started */ if ((pr->ps_flags & PS_CONTROLT) && Index: sys/kern/kern_exec.c === RCS file: /cvs/src/sys/kern/kern_exec.c,v retrieving revision 1.240 diff -u -p -r1.240 kern_exec.c --- sys/kern/kern_exec.c23 Nov 2022 11:00:27 - 1.240 +++ sys/kern/kern_exec.c26 Dec 2022 16:11:43 - @@ -649,9 +649,11 @@ sys_execve(struct proc *p, void *v, regi if (pr->ps_ucred != cred) { struct ucred *ocred; - ocred = pr->ps_ucred; crhold(cred); + mtx_enter(>ps_mtx); + ocred = pr->ps_ucred; pr->ps_ucred = cred; + mtx_leave(>ps_mtx); crfree(ocred); } Index: sys/kern/kern_exit.c === RCS file: /cvs/src/sys/kern/kern_exit.c,v retrieving revision 1.209 diff -u -p -r1.209 kern_exit.c --- sys/kern/kern_exit.c19 Dec 2022 00:22:12 - 1.209 +++ sys/kern/kern_exit.c26 Dec 2022 16:11:43 - 
@@ -494,7 +494,9 @@ loop: *retval = pr->ps_pid; if (info != NULL) { info->si_pid = pr->ps_pid; + mtx_enter(>ps_mtx); info->si_uid = pr->ps_ucred->cr_uid; + mtx_leave(>ps_mtx); info->si_signo = SIGCHLD; if (pr->ps_xsig == 0) { info->si_code = CLD_EXITED; @@ -531,7 +533,9 @@ loop: *retval = pr->ps_pid; if (info != NULL) { info->si_pid = pr->ps_pid; + mtx_enter(>ps_mtx); info->si_uid = pr->ps_ucred->cr_uid; + mtx_leave(>ps_mtx); info->si_signo = SIGCHLD; info->si_code = CLD_TRAPPED; info->si_status = pr->ps_xsig; @@ -554,7 +558,9 @@ loop: *retval = pr->ps_pid; if (info != 0) { info->si_pid = pr->ps_pid; + mtx_enter(>ps_mtx); info->si_uid = pr->ps_ucred->cr_uid; + mtx_leave(>ps_mtx); info->si_signo = SIGCHLD; info->si_code = CLD_STOPPED; info->si_status = pr->ps_xsig; @@ -573,7 +579,9 @@ loop: *retval = pr->ps_pid; if (info != NULL) { info->si_pid = pr->ps_pid; + mtx_enter(>ps_mtx); info->si_uid = pr->ps_ucred->cr_uid; + mtx_leave(>ps_mtx); info->si_signo = SIGCHLD; info->si_code = CLD_CONTINUED; info->si_status = SIGCONT; Index: sys/kern/kern_ktrace.c === RCS file: /cvs/src/sys/kern/kern_ktrace.c,v retrieving revision 1.109 diff -u -p -r1.109 kern_ktrace.c --- sys/kern/kern_ktrace.c 5 Dec 2022 23:18:37 - 1.109 +++ sys/kern/kern_ktrace.c 26 Dec 2022 16:11:43 - @@ -693,7 +693,12 @@ int ktrcanset(struct proc *callp, struct process *targetpr) { struct ucred *caller = callp->p_ucred; - struct ucred *target = targetpr->ps_ucred; + struct ucred *target; + int ret = 0; + +
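Review bot: the four kern_exit.c hunks (the CLD_EXITED, CLD_TRAPPED, CLD_STOPPED and CLD_CONTINUED sites) each wrap the single load `info->si_uid = pr->ps_ucred->cr_uid;` in its own mtx_enter()/mtx_leave() pair on ps_mtx. A small helper that returns cr_uid with ps_mtx held would keep the four sites identical and make a missed site easier to spot in later changes. The third site's context tests `info != 0` where the other three use `info != NULL`; that line is not touched by the diff, but it is worth aligning while the surrounding lines are being edited.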
Re: Use `ps_mtx' mutex(9) to protect `ps_ucred' and unlock setuid(2), ...
On Sat, Dec 03, 2022 at 08:45:52PM +0300, Vitaliy Makkoveev wrote: > On Thu, Dec 01, 2022 at 10:50:03PM +0300, Vitaliy Makkoveev wrote: > > On Thu, Dec 01, 2022 at 11:28:59AM -0800, Philip Guenther wrote: > > > On Thu, Dec 1, 2022 at 10:31 AM Vitaliy Makkoveev > > > wrote: > > > ... > > > > > > > --- sys/sys/sysctl.h7 Nov 2022 14:25:44 - 1.231 > > > > +++ sys/sys/sysctl.h1 Dec 2022 18:15:06 - 
> > > > @@ -587,7 +587,7 @@ struct kinfo_vmentry { > > > > > > > > #define_FILL_KPROC_MIN(a,b) (((a)<(b))?(a):(b)) > > > > > > > > -#define FILL_KPROC(kp, copy_str, p, pr, uc, pg, paddr, \ > > > > +#define FILL_KPROC(kp, copy_str, p, pr, pg, paddr, \ > > > > praddr, sess, vm, lim, sa, isthread, show_addresses) \ > > > > > > > ... > > > > > > > - (kp)->p_svgid = (uc)->cr_svgid; > > > > \ > > > > + PR_LOCK(pr); > > > > \ > > > > + (kp)->p_uid = (pr)->ps_ucred->cr_uid; > > > > \ > > > > > > > > > > Nope. As the block comment about this notes, FILL_KPROC() is shared > > > between the kernel and libkvm and takes each structure pointer separately > > > as, for example, pr->ps_ucred has the kva address, not the address of the > > > ucred struct that libkvm has separately read into user memory. > > > > > > Now, you _could_ have libkvm update pr->ps_ucred to point to its > > > user-space > > > copy. However, that would make ucred handling different from the other > > > sub-structures of struct proc and MOST of those we need the real kva for > > > the show_address functionality. > > > > > > Not sure if this is the yak-shave you want right now... > > > > > > (libkvm will obviously also need no-op #defines for PR_LOCK() etc) > > > > > > > I missed this. > > > > Since `ps_ucred' is immutable, we could bump it's reference and use it > > without holding `ps_mtx': > > > > mtx_enter(>ps_mtx); > > prucred = crhold(pr->ps_ucred); > > mtx_leave(>ps_mtx); > > > > FILL_KPROC(ki, strlcpy, p, pr, prucred, pr->ps_pgrp, ...); > > crfree(prucred); > > > > Otherwise, we could grab `ps_mtx' mutex outside FILL_KPROC(), so dummy > > PR_LOCK() define will be not required in userland. > > > > The diff below follows the first way. > > > > A little update. Kernel lock is not required within dorefreshcreds() > because `ps_mtx' mutex(9) is taken. Also forgotten makesyscalls.sh > generated chunks removed. > > Anyone? The `pr' locking for FILL_KPROC() usage is discussible. 
We already use PR_LOCK() for `sa' copying, which is used within FILL_KPROC() as `sa', but not pr->ps_sigacts. So the same could be done for `uc' copying too: #define FILL_KPROC(kp, copy_str, p, pr, uc, pg, paddr, \ praddr, sess, vm, lim, sa, isthread, show_addresses) \ do {\ PR_LOCK(pr);\ (kp)->p_uid = (uc)->cr_uid; \ (kp)->p_ruid = (uc)->cr_ruid; \ /* ... */ \ PR_UNLOCK(pr); \ PR_LOCK(pr);\ (kp)->p_sigignore = (sa) ? (sa)->ps_sigignore : 0; \ /* ... */ \ PR_UNLOCK(pr); \ > Index: sys/kern/kern_acct.c > === > RCS file: /cvs/src/sys/kern/kern_acct.c,v > retrieving revision 1.47 > diff -u -p -r1.47 kern_acct.c > --- sys/kern/kern_acct.c 14 Aug 2022 01:58:27 - 1.47 > +++ sys/kern/kern_acct.c 3 Dec 2022 17:39:00 - > @@ -221,8 +221,10 @@ acct_process(struct proc *p) > acct.ac_io = encode_comp_t(r->ru_inblock + r->ru_oublock, 0); > > /* (6) The UID and GID of the process */ > + mtx_enter(>ps_mtx); > acct.ac_uid = pr->ps_ucred->cr_ruid; > acct.ac_gid = pr->ps_ucred->cr_rgid; > + mtx_leave(>ps_mtx); > > /* (7) The terminal from which the process was started */ > if ((pr->ps_flags & PS_CONTROLT) && > Index: sys/kern/kern_exec.c > === > RCS file: /cvs/src/sys/kern/kern_exec.c,v > retrieving revision 1.240 > diff -u -p -r1.240 kern_exec.c > --- sys/kern/kern_exec.c 23 Nov 2022 11:00:27 - 1.240 > +++ sys/kern/kern_exec.c 3 Dec 2022 17:39:00 - > @@ -649,9 +649,11 @@ sys_execve(struct proc *p, void *v, regi > if (pr->ps_ucred != cred) { > struct ucred *ocred; > > - ocred = pr->ps_ucred; > crhold(cred); > + mtx_enter(>ps_mtx); > + ocred = pr->ps_ucred; >
Re: Use `ps_mtx' mutex(9) to protect `ps_ucred' and unlock setuid(2), ...
On Thu, Dec 01, 2022 at 10:50:03PM +0300, Vitaliy Makkoveev wrote: > On Thu, Dec 01, 2022 at 11:28:59AM -0800, Philip Guenther wrote: > > On Thu, Dec 1, 2022 at 10:31 AM Vitaliy Makkoveev wrote: > > ... > > > > > --- sys/sys/sysctl.h7 Nov 2022 14:25:44 - 1.231 > > > +++ sys/sys/sysctl.h1 Dec 2022 18:15:06 - 
> > > @@ -587,7 +587,7 @@ struct kinfo_vmentry { > > > > > > #define_FILL_KPROC_MIN(a,b) (((a)<(b))?(a):(b)) > > > > > > -#define FILL_KPROC(kp, copy_str, p, pr, uc, pg, paddr, \ > > > +#define FILL_KPROC(kp, copy_str, p, pr, pg, paddr, \ > > > praddr, sess, vm, lim, sa, isthread, show_addresses) \ > > > > > ... > > > > > - (kp)->p_svgid = (uc)->cr_svgid; \ > > > + PR_LOCK(pr);\ > > > + (kp)->p_uid = (pr)->ps_ucred->cr_uid; \ > > > > > > > Nope. As the block comment about this notes, FILL_KPROC() is shared > > between the kernel and libkvm and takes each structure pointer separately > > as, for example, pr->ps_ucred has the kva address, not the address of the > > ucred struct that libkvm has separately read into user memory. > > > > Now, you _could_ have libkvm update pr->ps_ucred to point to its user-space > > copy. However, that would make ucred handling different from the other > > sub-structures of struct proc and MOST of those we need the real kva for > > the show_address functionality. > > > > Not sure if this is the yak-shave you want right now... > > > > (libkvm will obviously also need no-op #defines for PR_LOCK() etc) > > > > I missed this. > > Since `ps_ucred' is immutable, we could bump it's reference and use it > without holding `ps_mtx': > > mtx_enter(>ps_mtx); > prucred = crhold(pr->ps_ucred); > mtx_leave(>ps_mtx); > > FILL_KPROC(ki, strlcpy, p, pr, prucred, pr->ps_pgrp, ...); > crfree(prucred); > > Otherwise, we could grab `ps_mtx' mutex outside FILL_KPROC(), so dummy > PR_LOCK() define will be not required in userland. > > The diff below follows the first way. > A little update. Kernel lock is not required within dorefreshcreds() because `ps_mtx' mutex(9) is taken. Also forgotten makesyscalls.sh generated chunks removed. Index: sys/kern/kern_acct.c === RCS file: /cvs/src/sys/kern/kern_acct.c,v retrieving revision 1.47 diff -u -p -r1.47 kern_acct.c --- sys/kern/kern_acct.c14 Aug 2022 01:58:27 - 1.47 +++ sys/kern/kern_acct.c3 Dec 2022 17:39:00 - 
@@ -221,8 +221,10 @@ acct_process(struct proc *p) acct.ac_io = encode_comp_t(r->ru_inblock + r->ru_oublock, 0); /* (6) The UID and GID of the process */ + mtx_enter(>ps_mtx); acct.ac_uid = pr->ps_ucred->cr_ruid; acct.ac_gid = pr->ps_ucred->cr_rgid; + mtx_leave(>ps_mtx); /* (7) The terminal from which the process was started */ if ((pr->ps_flags & PS_CONTROLT) && Index: sys/kern/kern_exec.c === RCS file: /cvs/src/sys/kern/kern_exec.c,v retrieving revision 1.240 diff -u -p -r1.240 kern_exec.c --- sys/kern/kern_exec.c23 Nov 2022 11:00:27 - 1.240 +++ sys/kern/kern_exec.c3 Dec 2022 17:39:00 - @@ -649,9 +649,11 @@ sys_execve(struct proc *p, void *v, regi if (pr->ps_ucred != cred) { struct ucred *ocred; - ocred = pr->ps_ucred; crhold(cred); + mtx_enter(>ps_mtx); + ocred = pr->ps_ucred; pr->ps_ucred = cred; + mtx_leave(>ps_mtx); crfree(ocred); } Index: sys/kern/kern_exit.c === RCS file: /cvs/src/sys/kern/kern_exit.c,v retrieving revision 1.207 diff -u -p -r1.207 kern_exit.c --- sys/kern/kern_exit.c3 Nov 2022 04:56:47 - 1.207 +++ sys/kern/kern_exit.c3 Dec 2022 17:39:00 - @@ -494,7 +494,9 @@ loop: *retval = pr->ps_pid; if (info != NULL) { info->si_pid = pr->ps_pid; + mtx_enter(>ps_mtx); info->si_uid = pr->ps_ucred->cr_uid; + mtx_leave(>ps_mtx); info->si_signo = SIGCHLD; if (pr->ps_xsig == 0) { info->si_code = CLD_EXITED; @@ -530,7 +532,9 @@ loop: *retval = pr->ps_pid; if (info != NULL) { info->si_pid = pr->ps_pid; + mtx_enter(>ps_mtx); info->si_uid = pr->ps_ucred->cr_uid; + mtx_leave(>ps_mtx);
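Review bot: in the sys_execve() hunk the ordering is what makes the swap safe, and nothing in the code says so: `crhold(cred)` happens before the mutex is taken, only the read of the old pointer and the store `pr->ps_ucred = cred` sit between mtx_enter() and mtx_leave(), and `crfree(ocred)` runs after the mutex is dropped. A one-line comment stating that crfree() must stay outside ps_mtx would keep a later edit from folding it back into the locked region.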
Re: Use `ps_mtx' mutex(9) to protect `ps_ucred' and unlock setuid(2), ...
On Thu, Dec 01, 2022 at 11:28:59AM -0800, Philip Guenther wrote: > On Thu, Dec 1, 2022 at 10:31 AM Vitaliy Makkoveev wrote: > ... > > > --- sys/sys/sysctl.h7 Nov 2022 14:25:44 - 1.231 > > +++ sys/sys/sysctl.h1 Dec 2022 18:15:06 - > > @@ -587,7 +587,7 @@ struct kinfo_vmentry { > > > > #define_FILL_KPROC_MIN(a,b) (((a)<(b))?(a):(b)) > > > > -#define FILL_KPROC(kp, copy_str, p, pr, uc, pg, paddr, \ > > +#define FILL_KPROC(kp, copy_str, p, pr, pg, paddr, \ > > praddr, sess, vm, lim, sa, isthread, show_addresses) \ > > > ... > > > - (kp)->p_svgid = (uc)->cr_svgid; \ > > + PR_LOCK(pr);\ > > + (kp)->p_uid = (pr)->ps_ucred->cr_uid; \ > > > > Nope. As the block comment about this notes, FILL_KPROC() is shared > between the kernel and libkvm and takes each structure pointer separately > as, for example, pr->ps_ucred has the kva address, not the address of the > ucred struct that libkvm has separately read into user memory. > > Now, you _could_ have libkvm update pr->ps_ucred to point to its user-space > copy. However, that would make ucred handling different from the other > sub-structures of struct proc and MOST of those we need the real kva for > the show_address functionality. > > Not sure if this is the yak-shave you want right now... > > (libkvm will obviously also need no-op #defines for PR_LOCK() etc) > I missed this. Since `ps_ucred' is immutable, we could bump it's reference and use it without holding `ps_mtx': mtx_enter(>ps_mtx); prucred = crhold(pr->ps_ucred); mtx_leave(>ps_mtx); FILL_KPROC(ki, strlcpy, p, pr, prucred, pr->ps_pgrp, ...); crfree(prucred); Otherwise, we could grab `ps_mtx' mutex outside FILL_KPROC(), so dummy PR_LOCK() define will be not required in userland. The diff below follows the first way. Index: sys/kern/kern_acct.c === RCS file: /cvs/src/sys/kern/kern_acct.c,v retrieving revision 1.47 diff -u -p -r1.47 kern_acct.c --- sys/kern/kern_acct.c14 Aug 2022 01:58:27 - 1.47 +++ sys/kern/kern_acct.c1 Dec 2022 19:49:15 - 
@@ -221,8 +221,10 @@ acct_process(struct proc *p) acct.ac_io = encode_comp_t(r->ru_inblock + r->ru_oublock, 0); /* (6) The UID and GID of the process */ + mtx_enter(>ps_mtx); acct.ac_uid = pr->ps_ucred->cr_ruid; acct.ac_gid = pr->ps_ucred->cr_rgid; + mtx_leave(>ps_mtx); /* (7) The terminal from which the process was started */ if ((pr->ps_flags & PS_CONTROLT) && Index: sys/kern/kern_exec.c === RCS file: /cvs/src/sys/kern/kern_exec.c,v retrieving revision 1.240 diff -u -p -r1.240 kern_exec.c --- sys/kern/kern_exec.c23 Nov 2022 11:00:27 - 1.240 +++ sys/kern/kern_exec.c1 Dec 2022 19:49:15 - @@ -649,9 +649,11 @@ sys_execve(struct proc *p, void *v, regi if (pr->ps_ucred != cred) { struct ucred *ocred; - ocred = pr->ps_ucred; crhold(cred); + mtx_enter(>ps_mtx); + ocred = pr->ps_ucred; pr->ps_ucred = cred; + mtx_leave(>ps_mtx); crfree(ocred); } Index: sys/kern/kern_exit.c === RCS file: /cvs/src/sys/kern/kern_exit.c,v retrieving revision 1.207 diff -u -p -r1.207 kern_exit.c --- sys/kern/kern_exit.c3 Nov 2022 04:56:47 - 1.207 +++ sys/kern/kern_exit.c1 Dec 2022 19:49:15 - @@ -494,7 +494,9 @@ loop: *retval = pr->ps_pid; if (info != NULL) { info->si_pid = pr->ps_pid; + mtx_enter(>ps_mtx); info->si_uid = pr->ps_ucred->cr_uid; + mtx_leave(>ps_mtx); info->si_signo = SIGCHLD; if (pr->ps_xsig == 0) { info->si_code = CLD_EXITED; @@ -530,7 +532,9 @@ loop: *retval = pr->ps_pid; if (info != NULL) { info->si_pid = pr->ps_pid; + mtx_enter(>ps_mtx); info->si_uid = pr->ps_ucred->cr_uid; + mtx_leave(>ps_mtx); info->si_signo = SIGCHLD; info->si_code = CLD_TRAPPED; info->si_status = pr->ps_xsig; @@ -553,7 +557,9 @@ loop: *retval = pr->ps_pid; if (info != 0) { info->si_pid = pr->ps_pid; +
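The reference-bump approach from the message above (take the mutex, hold the credentials, drop the mutex, use the snapshot, free it), together with the pointer swap a setuid-style writer performs, modelled in userland C. This is an added example, not code from the thread or from the OpenBSD tree: a pthread mutex stands in for mutex(9), and every struct and function name is hypothetical.

```c
/* Added example: userland model, not OpenBSD code. All names are hypothetical. */
#include <pthread.h>
#include <stdatomic.h>
#include <stdlib.h>

struct cred { atomic_uint ref; unsigned uid; };             /* models struct ucred */
struct process { pthread_mutex_t mtx; struct cred *cred; }; /* mtx ~ ps_mtx, cred ~ ps_ucred */
struct demo_result { unsigned snap_uid, proc_uid; int live_held, live_end; };

static atomic_int live_creds;   /* credentials allocated and not yet freed */

static struct cred *cred_new(unsigned uid) {
    struct cred *c = malloc(sizeof(*c));
    if (c == NULL)
        abort();
    atomic_init(&c->ref, 1);
    c->uid = uid;               /* never written again once published */
    atomic_fetch_add(&live_creds, 1);
    return c;
}
static struct cred *cred_hold(struct cred *c) { atomic_fetch_add(&c->ref, 1); return c; }
static void cred_free(struct cred *c) {
    if (atomic_fetch_sub(&c->ref, 1) == 1) {  /* that was the last reference */
        atomic_fetch_sub(&live_creds, 1);
        free(c);
    }
}

/* Reader: pin the current credentials under the mutex, use them after unlocking. */
static struct cred *proc_cred_snapshot(struct process *pr) {
    pthread_mutex_lock(&pr->mtx);
    struct cred *c = cred_hold(pr->cred);
    pthread_mutex_unlock(&pr->mtx);
    return c;
}

/* Writer (setuid-like): swap the pointer under the mutex, release the old one outside. */
static void proc_set_uid(struct process *pr, unsigned uid) {
    struct cred *ncred = cred_new(uid);       /* allocate before taking the mutex */
    pthread_mutex_lock(&pr->mtx);
    struct cred *ocred = pr->cred;
    pr->cred = ncred;
    pthread_mutex_unlock(&pr->mtx);
    cred_free(ocred);                         /* may free memory: keep it out of the lock */
}

/* Take a snapshot, change credentials, then read through the snapshot. */
static struct demo_result run_demo(void) {
    struct process pr = { .mtx = PTHREAD_MUTEX_INITIALIZER, .cred = cred_new(1000) };
    struct demo_result r;
    struct cred *snap = proc_cred_snapshot(&pr);
    proc_set_uid(&pr, 0);
    r.snap_uid = snap->uid;                   /* old object is still alive and unchanged */
    r.proc_uid = pr.cred->uid;
    r.live_held = atomic_load(&live_creds);   /* old and new both exist here */
    cred_free(snap);                          /* last reference to the old object */
    cred_free(pr.cred);
    r.live_end = atomic_load(&live_creds);
    return r;
}

int main(void) { return run_demo().live_end != 0; }
```

The reader never dereferences the process's credential pointer outside the mutex; it only dereferences its own counted reference, which is why the writer can replace the pointer at any time.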
Re: Use `ps_mtx' mutex(9) to protect `ps_ucred' and unlock setuid(2), ...
On Thu, Dec 1, 2022 at 10:31 AM Vitaliy Makkoveev wrote: ... > --- sys/sys/sysctl.h7 Nov 2022 14:25:44 - 1.231 > +++ sys/sys/sysctl.h1 Dec 2022 18:15:06 - > @@ -587,7 +587,7 @@ struct kinfo_vmentry { > > #define_FILL_KPROC_MIN(a,b) (((a)<(b))?(a):(b)) > > -#define FILL_KPROC(kp, copy_str, p, pr, uc, pg, paddr, \ > +#define FILL_KPROC(kp, copy_str, p, pr, pg, paddr, \ > praddr, sess, vm, lim, sa, isthread, show_addresses) \ > ... > - (kp)->p_svgid = (uc)->cr_svgid; \ > + PR_LOCK(pr);\ > + (kp)->p_uid = (pr)->ps_ucred->cr_uid; \ > Nope. As the block comment about this notes, FILL_KPROC() is shared between the kernel and libkvm and takes each structure pointer separately as, for example, pr->ps_ucred has the kva address, not the address of the ucred struct that libkvm has separately read into user memory. Now, you _could_ have libkvm update pr->ps_ucred to point to its user-space copy. However, that would make ucred handling different from the other sub-structures of struct proc and MOST of those we need the real kva for the show_address functionality. Not sure if this is the yak-shave you want right now... (libkvm will obviously also need no-op #defines for PR_LOCK() etc) Philip
Use `ps_mtx' mutex(9) to protect `ps_ucred' and unlock setuid(2), ...
..., setgid(2), setgroups(2), setreuid(2), setregid(2), sys_setegid(2), sys_seteuid(2), setresuid(2), setresgid(2). These syscalls do the same: they overwrite `ps_ucred' by newly allocated credentials structure, so unlock them all. Unlocked chgproccnt() call is safe, because `uidinfolk' rwlock(9) protects `ui_proccnt' modification and `uip' dereference. 'uidinfo' structure has no locks documentation, so I will do this with separate diff. Index: sys/kern/kern_acct.c === RCS file: /cvs/src/sys/kern/kern_acct.c,v retrieving revision 1.47 diff -u -p -r1.47 kern_acct.c --- sys/kern/kern_acct.c14 Aug 2022 01:58:27 - 1.47 +++ sys/kern/kern_acct.c1 Dec 2022 18:15:06 - @@ -221,8 +221,10 @@ acct_process(struct proc *p) acct.ac_io = encode_comp_t(r->ru_inblock + r->ru_oublock, 0); /* (6) The UID and GID of the process */ + mtx_enter(>ps_mtx); acct.ac_uid = pr->ps_ucred->cr_ruid; acct.ac_gid = pr->ps_ucred->cr_rgid; + mtx_leave(>ps_mtx); /* (7) The terminal from which the process was started */ if ((pr->ps_flags & PS_CONTROLT) && Index: sys/kern/kern_exec.c === RCS file: /cvs/src/sys/kern/kern_exec.c,v retrieving revision 1.240 diff -u -p -r1.240 kern_exec.c --- sys/kern/kern_exec.c23 Nov 2022 11:00:27 - 1.240 +++ sys/kern/kern_exec.c1 Dec 2022 18:15:06 - @@ -649,9 +649,11 @@ sys_execve(struct proc *p, void *v, regi if (pr->ps_ucred != cred) { struct ucred *ocred; - ocred = pr->ps_ucred; crhold(cred); + mtx_enter(>ps_mtx); + ocred = pr->ps_ucred; pr->ps_ucred = cred; + mtx_leave(>ps_mtx); crfree(ocred); } Index: sys/kern/kern_exit.c === RCS file: /cvs/src/sys/kern/kern_exit.c,v retrieving revision 1.207 diff -u -p -r1.207 kern_exit.c --- sys/kern/kern_exit.c3 Nov 2022 04:56:47 - 1.207 +++ sys/kern/kern_exit.c1 Dec 2022 18:15:06 - 
@@ -494,7 +494,9 @@ loop: *retval = pr->ps_pid; if (info != NULL) { info->si_pid = pr->ps_pid; + mtx_enter(>ps_mtx); info->si_uid = pr->ps_ucred->cr_uid; + mtx_leave(>ps_mtx); info->si_signo = SIGCHLD; if (pr->ps_xsig == 0) { info->si_code = CLD_EXITED; @@ -530,7 +532,9 @@ loop: *retval = pr->ps_pid; if (info != NULL) { info->si_pid = pr->ps_pid; + mtx_enter(>ps_mtx); info->si_uid = pr->ps_ucred->cr_uid; + mtx_leave(>ps_mtx); info->si_signo = SIGCHLD; info->si_code = CLD_TRAPPED; info->si_status = pr->ps_xsig; @@ -553,7 +557,9 @@ loop: *retval = pr->ps_pid; if (info != 0) { info->si_pid = pr->ps_pid; + mtx_enter(>ps_mtx); info->si_uid = pr->ps_ucred->cr_uid; + mtx_leave(>ps_mtx); info->si_signo = SIGCHLD; info->si_code = CLD_STOPPED; info->si_status = pr->ps_xsig; @@ -572,7 +578,9 @@ loop: *retval = pr->ps_pid; if (info != NULL) { info->si_pid = pr->ps_pid; + mtx_enter(>ps_mtx); info->si_uid = pr->ps_ucred->cr_uid; + mtx_leave(>ps_mtx); info->si_signo = SIGCHLD; info->si_code = CLD_CONTINUED; info->si_status = SIGCONT; Index: sys/kern/kern_ktrace.c === RCS file: /cvs/src/sys/kern/kern_ktrace.c,v retrieving revision 1.108 diff -u -p -r1.108 kern_ktrace.c --- sys/kern/kern_ktrace.c 14 Aug 2022 01:58:27 - 1.108 +++ sys/kern/kern_ktrace.c 1 Dec 2022 18:15:06 - @@ -693,7 +693,12 @@ int ktrcanset(struct proc *callp, struct process *targetpr) { struct ucred *caller = callp->p_ucred; - struct ucred *target = targetpr->ps_ucred; + struct ucred *target; + int ret = 0; + + mtx_enter(>ps_mtx); + + target = targetpr->ps_ucred; if
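Review bot: in the ktrcanset() hunk the mutex is now taken before `target = targetpr->ps_ucred;` and a new `int ret = 0;` is introduced, so every path out of the function has to pass through the matching mtx_leave(). The hunk is cut off at the `if`, so that cannot be confirmed from the visible lines; check that no early return remains between the enter and the leave. `caller = callp->p_ucred` stays outside the lock, and a short comment saying why the calling thread's own p_ucred needs no ps_mtx would document the asymmetry.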