From owner-svn-src-head@FreeBSD.ORG  Sat Mar 21 20:24:56 2015
Return-Path: <owner-svn-src-head@FreeBSD.ORG>
Delivered-To: svn-src-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 9C95483E;
 Sat, 21 Mar 2015 20:24:56 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 88547767;
 Sat, 21 Mar 2015 20:24:56 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t2LKOudI011419;
 Sat, 21 Mar 2015 20:24:56 GMT (envelope-from mjg@FreeBSD.org)
Received: (from mjg@localhost)
 by svn.freebsd.org (8.14.9/8.14.9/Submit) id t2LKOtkl011413;
 Sat, 21 Mar 2015 20:24:55 GMT (envelope-from mjg@FreeBSD.org)
Message-Id: <201503212024.t2LKOtkl011413@svn.freebsd.org>
X-Authentication-Warning: svn.freebsd.org: mjg set sender to mjg@FreeBSD.org
 using -f
From: Mateusz Guzik <mjg@FreeBSD.org>
Date: Sat, 21 Mar 2015 20:24:55 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r280331 - in head/sys: kern sys
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Mar 2015 20:24:56 -0000

Author: mjg
Date: Sat Mar 21 20:24:54 2015
New Revision: 280331
URL: https://svnweb.freebsd.org/changeset/base/280331

Log:
  cred: add proc_set_cred_init helper
  
  proc_set_cred_init can be used to set first credentials of a new
  process.
  
  Update proc_set_cred assertions so that it only expects already used
  processes.
  
  This fixes panics where p_ucred of a new process happens to be non-NULL.
  
  Reviewed by:	kib

Modified:
  head/sys/kern/init_main.c
  head/sys/kern/kern_fork.c
  head/sys/kern/kern_prot.c
  head/sys/sys/ucred.h

Modified: head/sys/kern/init_main.c
==============================================================================
--- head/sys/kern/init_main.c	Sat Mar 21 20:24:03 2015	(r280330)
+++ head/sys/kern/init_main.c	Sat Mar 21 20:24:54 2015	(r280331)
@@ -515,7 +515,7 @@ proc0_init(void *dummy __unused)
 	newcred->cr_ruidinfo = uifind(0);
 	newcred->cr_prison = &prison0;
 	newcred->cr_loginclass = loginclass_find("default");
-	proc_set_cred(p, newcred);
+	proc_set_cred_init(p, newcred);
 #ifdef AUDIT
 	audit_cred_kproc0(newcred);
 #endif

Modified: head/sys/kern/kern_fork.c
==============================================================================
--- head/sys/kern/kern_fork.c	Sat Mar 21 20:24:03 2015	(r280330)
+++ head/sys/kern/kern_fork.c	Sat Mar 21 20:24:54 2015	(r280331)
@@ -867,7 +867,7 @@ fork1(struct thread *td, int flags, int 
 	 * XXX: This is ugly; when we copy resource usage, we need to bump
 	 *      per-cred resource counters.
 	 */
-	proc_set_cred(newproc, crhold(td->td_ucred));
+	proc_set_cred_init(newproc, crhold(td->td_ucred));
 
 	/*
 	 * Initialize resource accounting for the child process.

Modified: head/sys/kern/kern_prot.c
==============================================================================
--- head/sys/kern/kern_prot.c	Sat Mar 21 20:24:03 2015	(r280330)
+++ head/sys/kern/kern_prot.c	Sat Mar 21 20:24:54 2015	(r280331)
@@ -1954,8 +1954,19 @@ cred_update_thread(struct thread *td)
 }
 
 /*
+ * Set initial process credentials.
+ * Callers are responsible for providing the reference for provided credentials.
+ */
+void
+proc_set_cred_init(struct proc *p, struct ucred *newcred)
+{
+
+	p->p_ucred = newcred;
+}
+
+/*
  * Change process credentials.
- * Callers are responsible for providing the reference for current credentials
+ * Callers are responsible for providing the reference for passed credentials
  * and for freeing old ones.
  *
  * Process has to be locked except when it does not have credentials (as it
@@ -1968,9 +1979,10 @@ proc_set_cred(struct proc *p, struct ucr
 {
 	struct ucred *oldcred;
 
+	MPASS(p->p_ucred != NULL);
 	if (newcred == NULL)
 		MPASS(p->p_state == PRS_ZOMBIE);
-	else if (p->p_ucred != NULL)
+	else
 		PROC_LOCK_ASSERT(p, MA_OWNED);
 
 	oldcred = p->p_ucred;

Modified: head/sys/sys/ucred.h
==============================================================================
--- head/sys/sys/ucred.h	Sat Mar 21 20:24:03 2015	(r280330)
+++ head/sys/sys/ucred.h	Sat Mar 21 20:24:54 2015	(r280331)
@@ -106,6 +106,7 @@ void	crcopy(struct ucred *dest, struct u
 struct ucred	*crcopysafe(struct proc *p, struct ucred *cr);
 struct ucred	*crdup(struct ucred *cr);
 void	cred_update_thread(struct thread *td);
+void	proc_set_cred_init(struct proc *p, struct ucred *cr);
 struct ucred	*proc_set_cred(struct proc *p, struct ucred *cr);
 void	crfree(struct ucred *cr);
 struct ucred	*crget(void);