Le 27/10/2014 21:21, Lars Heidieker a écrit :
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Mon, 27 Oct 2014 16:42:15 +0100
> Maxime Villard <m...@m00nbsd.net> wrote:
>
>> Hi,
>> I think there's a rwlock issue in secmodel/secmodel.c:
>>
>> 174 if (sm == NULL) {
>> 175 error = EFAULT;
>> 176 goto out;
>> 177 }
>> 178
>> 179 /* Check if the secmodel is already present. */
>> 180 rw_enter(&secmodels_lock, RW_WRITER);
>> ...
>> out:
>> 194 /* Unlock the secmodels list. */
>> 195 rw_exit(&secmodels_lock);
>> 196
>> 197 return error;
>>
>> This goto out will release secmodels_lock while it is not yet held,
>> right?
>>
>> The same in secmodel_unplug().
>>
>
> Yes, seems that way to me.
> secmodel_plug is only called from secmodel_register, where it would
> crash anyway if sm is NULL so it should be an assert, right?
yes, but in case it gets used in the future...
> (and for unplug the check should be in secmodel_deregister)
>
> Lars
>
Index: secmodel.c
===================================================================
RCS file: /cvsroot/src/sys/secmodel/secmodel.c,v
retrieving revision 1.1
diff -u -r1.1 secmodel.c
--- secmodel.c 4 Dec 2011 19:24:59 -0000 1.1
+++ secmodel.c 30 Oct 2014 17:17:36 -0000
@@ -171,10 +171,8 @@
secmodel_t tsm;
int error = 0;
- if (sm == NULL) {
- error = EFAULT;
- goto out;
- }
+ if (sm == NULL)
+ return EFAULT;
/* Check if the secmodel is already present. */
rw_enter(&secmodels_lock, RW_WRITER);
@@ -203,10 +201,8 @@
secmodel_t tsm;
int error = 0;
- if (sm == NULL) {
- error = EFAULT;
- goto out;
- }
+ if (sm == NULL)
+ return EFAULT;
/* Make sure the secmodel is present. */
rw_enter(&secmodels_lock, RW_WRITER);
Ok?
