From owner-p4-projects@FreeBSD.ORG Sat Aug 15 15:59:17 2009 Date: Sat, 15 Aug 2009 15:59:17 GMT Message-Id: <200908151559.n7FFxHa4083783@repoman.freebsd.org>
From: Edward Tomasz Napierala To: Perforce Change Reviews Cc: Subject: PERFORCE change 167368 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 15 Aug 2009 15:59:18 -0000 http://perforce.freebsd.org/chv.cgi?CH=167368 Change 167368 by trasz@trasz_anger on 2009/08/15 15:58:21 Fix use after free - process_exit eventhandler gets invoked a little too early for my needs. Also, don't crash on 'hrl -u c:'. Affected files ... .. //depot/projects/soc2009/trasz_limits/sys/kern/kern_exit.c#12 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/kern_fork.c#11 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#57 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/kern_loginclass.c#8 edit Differences ... ==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_exit.c#12 (text+ko) ==== @@ -48,6 +48,7 @@ #include #include #include +#include #include #include #include @@ -765,7 +766,7 @@ hrl_proc_exiting(p); /* - * Free credentials, arguments, and sigacts. + * Free credentials, arguments, sigacts and loginclass. */ crfree(p->p_ucred); p->p_ucred = NULL; @@ -773,6 +774,8 @@ p->p_args = NULL; sigacts_free(p->p_sigacts); p->p_sigacts = NULL; + loginclass_release(p->p_loginclass); + p->p_loginclass = NULL; /* * Do any thread-system specific cleanups. ==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_fork.c#11 (text+ko) ==== @@ -51,6 +51,7 @@ #include #include #include +#include #include #include #include @@ -478,6 +479,9 @@ /* Tell the prison that we exist. */ prison_proc_hold(p2->p_ucred->cr_prison); + /* Loginclass might want to know too. */ + loginclass_acquire(p2->p_loginclass); + PROC_UNLOCK(p2); /* ==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#57 (text+ko) ==== 
@@ -1331,8 +1331,12 @@ static int hrl_get_usage_lc(struct thread *td, int lcp, struct sbuf **outputsbuf) { - struct loginclass *lc = (struct loginclass *)lcp; + struct loginclass *lc; + + if (lcp == HRL_SUBJECT_ID_UNDEFINED) + return (EINVAL); + lc = (struct loginclass *)lcp; *outputsbuf = hrl_usage_to_sbuf(&lc->lc_usage); return (0); ==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_loginclass.c#8 (text+ko) ==== @@ -228,29 +228,8 @@ } static void -lc_proc_fork(void *arg __unused, struct proc *parent, struct proc *child, - int flags __unused) -{ - - PROC_LOCK(child); - loginclass_acquire(child->p_loginclass); - PROC_UNLOCK(child); -} - -static void -lc_proc_exit(void *arg __unused, struct proc *p) -{ - - PROC_LOCK(p); - loginclass_release(p->p_loginclass); - PROC_UNLOCK(p); -} - -static void lc_init(void) { mtx_init(&loginclasses_lock, "loginclasses lock", NULL, MTX_DEF); - EVENTHANDLER_REGISTER(process_fork, lc_proc_fork, NULL, EVENTHANDLER_PRI_ANY); - EVENTHANDLER_REGISTER(process_exit, lc_proc_exit, NULL, EVENTHANDLER_PRI_ANY); }
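Review bot: In the kern_exit.c hunk at @@ -773,6 +774,8 @@, the new loginclass_release(p->p_loginclass) and p->p_loginclass = NULL run with no PROC_LOCK visible around them, whereas the removed lc_proc_exit() in kern_loginclass.c took PROC_LOCK(p) for the release. If the lock is not needed at this point in exit, a one-line comment saying why would help; if it is needed, the release and the store should sit inside it. Clearing the field to NULL also means any code that reads p->p_loginclass on an exiting process has to tolerate NULL, which is worth checking in kern_hrl.c.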
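Review bot: In the kern_fork.c hunk at @@ -478,6 +479,9 @@, loginclass_acquire(p2->p_loginclass) relies on p2->p_loginclass already being set, and that assignment is not in the visible context. Please confirm it happens before this point on every fork path, and that any failure path after the acquire drops the reference again. The comment "Loginclass might want to know too." does not say that a reference is being taken; suggest wording it that way and naming the matching loginclass_release() in kern_exit.c.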
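Review bot: In hrl_get_usage_lc() (kern_hrl.c, @@ -1331,8 +1331,12 @@), the new check rejects only HRL_SUBJECT_ID_UNDEFINED; every other value of the int lcp is still cast to struct loginclass * and dereferenced through &lc->lc_usage. An int cannot carry a pointer on platforms where pointers are wider than int, and nothing in the visible lines validates the value or holds a reference on the loginclass while its usage is read. Suggest passing a typed struct loginclass * obtained from a lookup that takes a reference, and releasing it after hrl_usage_to_sbuf() returns.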
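Review bot: In the kern_loginclass.c hunk at @@ -228,29 +228,8 @@, removing both EVENTHANDLER_REGISTER calls leaves lc_init() with only mtx_init(), and the per-process reference is now taken in kern_fork.c and dropped in kern_exit.c with nothing in this file recording that. Suggest a short comment next to loginclass_acquire() and loginclass_release() stating where the per-process reference is taken and dropped, so the pairing is not lost in a later change. The commit message explains why the process_exit handler ran too early but not why the process_fork handler was removed as well; a sentence on that would help the next reader.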