From owner-cvs-all@FreeBSD.ORG Thu Sep 15 15:29:59 2005 Return-Path: X-Original-To: cvs-all@FreeBSD.org Delivered-To: cvs-all@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5F88416A41F; Thu, 15 Sep 2005 15:29:59 +0000 (GMT) (envelope-from jhb@FreeBSD.org) Received: from mv.twc.weather.com (mv.twc.weather.com [65.212.71.225]) by mx1.FreeBSD.org (Postfix) with ESMTP id B109843D46; Thu, 15 Sep 2005 15:29:58 +0000 (GMT) (envelope-from jhb@FreeBSD.org) Received: from [10.50.41.233] (Not Verified[10.50.41.233]) by mv.twc.weather.com with NetIQ MailMarshal (v6, 0, 3, 8) id ; Thu, 15 Sep 2005 11:45:38 -0400 From: John Baldwin To: "Christian S.J. Peron" Date: Thu, 15 Sep 2005 11:30:58 -0400 User-Agent: KMail/1.8 References: <200509151503.j8FF3m5i086438@repoman.freebsd.org> In-Reply-To: <200509151503.j8FF3m5i086438@repoman.freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-6" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200509151131.00450.jhb@FreeBSD.org> Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/kern imgact_elf.c vfs_lookup.c vfs_syscalls.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Sep 2005 15:29:59 -0000 On Thursday 15 September 2005 11:03 am, Christian S.J. Peron wrote: > csjp 2005-09-15 15:03:48 UTC > > FreeBSD src repository > > Modified files: > sys/kern imgact_elf.c vfs_lookup.c vfs_syscalls.c > Log: > Improve the MP safeness associated with the creation of symbolic > links and the execution of ELF binaries. Two problems were found: > > 1) The link path wasn't tagged as being MP safe and thus was not properly > protected. > 2) The ELF interpreter vnode wasnt being locked in namei(9) and thus was > insufficiently protected. > > This commit makes the following changes: > > -Sets the MPSAFE flag in NDINIT for symbolic link paths > -Sets the MPSAFE flag in NDINIT and introduce a vfslocked variable which > will be used to instruct VFS_UNLOCK_GIANT to unlock Giant if it has been > picked up. > -Drop in an assertion into vfs_lookup which ensures that if the MPSAFE > flag is NOT set, that we have picked up giant. If not panic (if WITNESS > compiled into the kernel). This should help us find conditions where > vnode operations are in-sufficiently protected. > > This is a RELENG_6 candidate. > > Discussed with: jeff > MFC after: 4 days Why not just use mtx_assert() to do locking assertions? if (!(cnp->cn_flags & MPSAFE)) mtx_assert(&Giant, MA_OWNED); Also, note that assertions only depend on INVARIANTS, not on WITNESS. -- John Baldwin <>< http://www.FreeBSD.org/~jhb/ "Power Users Use the Power to Serve" = http://www.FreeBSD.org