CVS commit: [netbsd-5-2] src/sys/kern

Tue, 15 Apr 2014 23:57:07 -0700 

Module Name:    src
Committed By:   msaitoh
Date:           Wed Apr 16 06:56:49 UTC 2014

Modified Files:
        src/sys/kern [netbsd-5-2]: kern_verifiedexec.c

Log Message:
Pull up following revision(s) (requested by maxv in ticket #1899):
        sys/kern/kern_verifiedexec.c    1.132

Reorder code to avoid use-after-free on error. From Maxime Villard.


To generate a diff of this commit:
cvs rdiff -u -r1.111.4.1 -r1.111.4.1.10.1 src/sys/kern/kern_verifiedexec.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/kern/kern_verifiedexec.c
diff -u src/sys/kern/kern_verifiedexec.c:1.111.4.1 src/sys/kern/kern_verifiedexec.c:1.111.4.1.10.1
--- src/sys/kern/kern_verifiedexec.c:1.111.4.1	Thu Dec 18 00:56:27 2008
+++ src/sys/kern/kern_verifiedexec.c	Wed Apr 16 06:56:49 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_verifiedexec.c,v 1.111.4.1 2008/12/18 00:56:27 snj Exp $	*/
+/*	$NetBSD: kern_verifiedexec.c,v 1.111.4.1.10.1 2014/04/16 06:56:49 msaitoh Exp $	*/
 
 /*-
  * Copyright (c) 2005, 2006 Elad Efrat <e...@netbsd.org>
@@ -29,7 +29,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_verifiedexec.c,v 1.111.4.1 2008/12/18 00:56:27 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_verifiedexec.c,v 1.111.4.1.10.1 2014/04/16 06:56:49 msaitoh Exp $");
 
 #include "opt_veriexec.h"
 
@@ -1295,18 +1295,6 @@ veriexec_file_add(struct lwp *l, prop_di
 	vfe->last_page_size = 0;
 	rw_init(&vfe->lock);
 
-	vte = veriexec_table_lookup(nid.ni_vp->v_mount);
-	if (vte == NULL)
-		vte = veriexec_table_add(l, nid.ni_vp->v_mount);
-
-	/* XXX if we bail below this, we might want to gc newly created vtes. */
-
-	error = fileassoc_add(nid.ni_vp, veriexec_hook, vfe);
-	if (error)
-		goto unlock_out;
-
-	vte->vte_count++;
-
 	if (prop_bool_true(prop_dictionary_get(dict, "eval-on-load")) ||
 	    (vfe->type & VERIEXEC_UNTRUSTED)) {
 		u_char *digest;
@@ -1328,6 +1316,18 @@ veriexec_file_add(struct lwp *l, prop_di
 		kmem_free(digest, vfe->ops->hash_len);
 	}
 
+	vte = veriexec_table_lookup(nid.ni_vp->v_mount);
+	if (vte == NULL)
+		vte = veriexec_table_add(l, nid.ni_vp->v_mount);
+
+	/* XXX if we bail below this, we might want to gc newly created vtes. */
+
+	error = fileassoc_add(nid.ni_vp, veriexec_hook, vfe);
+	if (error)
+		goto unlock_out;
+
+	vte->vte_count++;
+
 	veriexec_file_report(NULL, "New entry.", file, NULL, REPORT_DEBUG);
 	veriexec_bypass = 0;

Reply via email to