From: Ed Schouten <ed@hoeg.nl>
To: FreeBSD Hackers <freebsd-hackers@freebsd.org>
Date: Thu, 9 Nov 2006 13:41:19 +0100
Message-ID: <20061109124119.GB16100@hoeg.nl>
Subject: [Patch] sys/kern/kern_descrip.c: remove double limit check in fcntl()

Hello,

I'm working on a project at school to develop a multimedia system (a la Windows Media Center) based on FreeBSD. I was looking at some code in sys/kern/kern_descrip.c to figure out how fcntl() with F_DUPFD and dup() differ.

I discovered that kern_fcntl() contains some redundant code. Right before calling do_dup(), it locks the process and checks that the minimal file descriptor is lower than the limit for the process. The do_dup() call does exactly the same check almost at the beginning. This causes the fcntl() call to call PROC_LOCK() once too often.

The patch below prevents this by leaving this check to do_dup(). It will prevent fcntl() from PROC_LOCK()'ing twice. It also fixes the return value of fcntl(). The manual page states that it should return EMFILE when it exceeds its limit, though the actual code sets EINVAL.

%%%
--- kern_descrip.c	Thu Nov 9 13:23:40 2006
+++ kern_descrip.c	Thu Nov 9 13:32:28 2006
@@ -355,7 +355,6 @@
 	struct proc *p;
 	char *pop;
 	struct vnode *vp;
-	u_int newmin;
 	int error, flg, tmp;
 	int giant_locked;
 
@@ -393,16 +392,7 @@
 	case F_DUPFD:
 		/* mtx_assert(&Giant, MA_NOTOWNED); */
 		FILEDESC_UNLOCK(fdp);
-		newmin = arg;
-		PROC_LOCK(p);
-		if (newmin >= lim_cur(p, RLIMIT_NOFILE) ||
-		    newmin >= maxfilesperproc) {
-			PROC_UNLOCK(p);
-			error = EINVAL;
-			break;
-		}
-		PROC_UNLOCK(p);
-		error = do_dup(td, DUP_VARIABLE, fd, newmin, td->td_retval);
+		error = do_dup(td, DUP_VARIABLE, fd, arg, td->td_retval);
 		break;
 
 	case F_GETFD:
%%%

-- 
Ed Schouten
WWW: http://g-rave.nl/
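Review bot: in the F_DUPFD hunk, the removed check did more than the RLIMIT_NOFILE comparison the cover letter describes, and the patch does not show that do_dup() covers the rest. `newmin` was a `u_int` (dropped in the first hunk), so a negative `arg` wrapped to a large value and was rejected here with EINVAL, and the second condition, `newmin >= maxfilesperproc`, bounded `arg` by the global per-process maximum as well as by `lim_cur(p, RLIMIT_NOFILE)`. After the change `arg` reaches `do_dup()` without that conversion, so before committing confirm that do_dup() rejects a negative new descriptor with EINVAL (a negative argument is not the "exceeds its limit" case that the mail says should become EMFILE) and that it checks `maxfilesperproc` as well as the rlimit; otherwise the patch silently widens what F_DUPFD accepts. Quoting the do_dup() check in the commit message would make this reviewable, and the EINVAL-to-EMFILE change belongs in the fcntl(2) ERRORS section if the manual page does not already say so.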
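As an added example, not part of the mail above or of the FreeBSD sources: a small userland C program that probes fcntl(F_DUPFD) at exactly the boundaries the patch touches (a negative argument, an argument just under and at RLIMIT_NOFILE, and a closed descriptor) and compares F_DUPFD with arg 0 against dup(), which is the difference the author was investigating. It uses only POSIX calls; the names `dupfd_results`, `probe_dupfd` and `run_dupfd_probes`, the temporary soft limit of 64 and the pipe used as the source descriptor are choices made here. The errno at the limit is kernel-specific (the mail argues for EMFILE; other kernels return EINVAL), so a caller checking the result should accept either there.

```c
/*
 * Added example, not part of the mail above or of the FreeBSD tree:
 * probe fcntl(F_DUPFD) at the edges the patch changes, with the soft
 * RLIMIT_NOFILE temporarily lowered so the limit case is cheap to hit.
 */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/resource.h>
#include <unistd.h>

/* Outcome of each probe: the new descriptor (>= 0) or -errno. */
struct dupfd_results {
	int dup_lowest;		/* dup(fd): lowest free descriptor */
	int fcntl_lowest;	/* fcntl(fd, F_DUPFD, 0): should equal dup_lowest */
	int just_under;		/* fcntl(fd, F_DUPFD, limit - 1): still allowed */
	int at_limit;		/* fcntl(fd, F_DUPFD, limit): EMFILE or EINVAL */
	int negative;		/* fcntl(fd, F_DUPFD, -1): EINVAL */
	int closed;		/* fcntl(closed_fd, F_DUPFD, 0): EBADF */
};

/* fcntl(F_DUPFD) wrapper: returns the new fd (closed again so the next
 * probe sees the same descriptor table) or -errno on failure. */
static int
probe_dupfd(int fd, long arg)
{
	int nfd = fcntl(fd, F_DUPFD, arg);

	if (nfd < 0)
		return (-errno);
	close(nfd);
	return (nfd);
}

/* Same wrapper for dup(). */
static int
probe_dup(int fd)
{
	int nfd = dup(fd);

	if (nfd < 0)
		return (-errno);
	close(nfd);
	return (nfd);
}

/*
 * Run all probes with the soft RLIMIT_NOFILE set to `limit` (lowering the
 * soft limit needs no privilege; the previous value is restored on return).
 * Returns 0 on success, -1 if the limit or the pipe could not be set up.
 */
static int
run_dupfd_probes(long limit, struct dupfd_results *r)
{
	struct rlimit old, tmp;
	int p[2];

	if (getrlimit(RLIMIT_NOFILE, &old) != 0)
		return (-1);
	tmp = old;
	tmp.rlim_cur = limit;
	if (setrlimit(RLIMIT_NOFILE, &tmp) != 0)
		return (-1);
	if (pipe(p) != 0) {		/* constructed source descriptor */
		setrlimit(RLIMIT_NOFILE, &old);
		return (-1);
	}

	r->dup_lowest = probe_dup(p[0]);
	r->fcntl_lowest = probe_dupfd(p[0], 0);
	r->just_under = probe_dupfd(p[0], limit - 1);
	r->at_limit = probe_dupfd(p[0], limit);
	r->negative = probe_dupfd(p[0], -1);

	close(p[1]);			/* p[1] is now a closed descriptor number */
	r->closed = probe_dupfd(p[1], 0);
	close(p[0]);

	setrlimit(RLIMIT_NOFILE, &old);
	return (0);
}

static void
show(const char *what, int res)
{
	if (res >= 0)
		printf("%-24s -> fd %d\n", what, res);
	else
		printf("%-24s -> %s\n", what, strerror(-res));
}

int
main(void)
{
	struct dupfd_results r;

	if (run_dupfd_probes(64, &r) != 0) {
		perror("setup");
		return (1);
	}
	show("dup(fd)", r.dup_lowest);
	show("F_DUPFD arg=0", r.fcntl_lowest);
	show("F_DUPFD arg=limit-1", r.just_under);
	show("F_DUPFD arg=limit", r.at_limit);
	show("F_DUPFD arg=-1", r.negative);
	show("F_DUPFD on closed fd", r.closed);
	return (0);
}
```

Running it on a kernel with the patch applied should print EMFILE for the arg=limit line and EINVAL for arg=-1; a kernel that still has the removed check prints EINVAL for both, which is the behaviour the mail objects to.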