Date: Sat, 2 Aug 2025 23:35:23 GMT From: Konstantin Belousov <kib@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: a523d882a467 - main - vfs_syscall.c: do not take process lock around the read of P2_NO_NEW_PRIVS Message-ID: <202508022335.572NZNkP004652@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=a523d882a4671040aba57549492f8df6676cb855 commit a523d882a4671040aba57549492f8df6676cb855 Author: Konstantin Belousov <kib@FreeBSD.org> AuthorDate: 2025-08-02 17:57:44 +0000 Commit: Konstantin Belousov <kib@FreeBSD.org> CommitDate: 2025-08-02 23:02:43 +0000 vfs_syscall.c: do not take process lock around the read of P2_NO_NEW_PRIVS The flag is write-only, and if we raced with reading the action of setting the flag, we can as well get it under the lock. Reviewed by: emaste, kevans Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D51708 --- sys/kern/vfs_syscalls.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index 25d40a9806cb..a0e56a8fd8a7 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -982,13 +982,10 @@ kern_chroot(struct thread *td, struct vnode *vp) error = priv_check(td, PRIV_VFS_CHROOT); if (error != 0) { p = td->td_proc; - PROC_LOCK(p); if (unprivileged_chroot == 0 || (p->p_flag2 & P2_NO_NEW_PRIVS) == 0) { - PROC_UNLOCK(p); goto e_vunlock; } - PROC_UNLOCK(p); } error = change_dir(vp, td);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202508022335.572NZNkP004652>