Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 23 Jun 2005 00:53:37 +0200
From:      Mauser <mauser@poczta.fm>
To:        Dan Nelson <dnelson@allantgroup.com>
Cc:        freebsd-hackers@freebsd.org
Subject:   Re: kld problem
Message-ID:  <20050623005337.6fccc5e7.mauser@poczta.fm>
In-Reply-To: <20050622215258.GE49171@dan.emsphone.com>
References:  <20050622192127.05bff1b8.mauser@poczta.fm> <20050622215258.GE49171@dan.emsphone.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Wed, 22 Jun 2005 16:52:58 -0500
Dan Nelson <dnelson@allantgroup.com> wrote:

> In the last episode (Jun 22), Mauser said:
> > Unloading syscall kernel module can cause a system crash. It occurs
> > when we  unload the module while a process is executing our syscall.
> > Example:
> > 
> > $ cat kldtest.c
> ...
> > static int test_syscall(struct thread *td, void *arg) {
> >     struct timeval tv;
> >     tv.tv_sec = 15;
> >     tv.tv_usec = 0;
> >     tsleep(&test_nw,PWAIT,"test",tvtohz(&tv));
> >     return 0;
> > }
> ...
> > static int test_load(struct module *mod, int cmd, void *arg) {
> >     if(cmd != MOD_LOAD && cmd != MOD_UNLOAD)
> >         return EOPNOTSUPP;
> >     return 0;
> > 
> 
> In test_load, you can return a nonzero value on MOD_UNLOAD to abort an
> unload request.  See the module(9) manpage for more details.  You may
> need to increment a counter or hold a mutex while in the syscall to
> make it easy for test_load to determine whether it's safe to unload or
> not.
> 

Yes, I know, I rtfm ;)
This issue occured to me while writing own security-related kld which
modify some syscalls and perform authorization (something like
rexec,cerb). I think that holding a mutex on each of syscalls would be a
bit inefficient. Furthermore I'll need to unset MP_SAFE flags in
modified syscalls to be 100% certain that nobody unload the module while
executing syscall (mutex _after_ calling syscall won't be enough if i'm
not mistaken).

Maciek

----------------------------------------------------------------------
OMNIXMAIL! Jesli masz telefon w sieci Era i dostep do WAP, to mozesz
na komorce odbierac poczte ze wszystkich swoich kont poczty e-mail!
OMNIXMAIL jest w Era Omnix: http://link.interia.pl/f1896

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050623005337.6fccc5e7.mauser>