Date: Sun, 13 Jun 2021 01:45:10 GMT From: Konstantin Belousov <kib@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: cad10e50dce3 - stable/13 - ktrace: fix a race between writes and close Message-ID: <202106130145.15D1jAvT052032@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/13 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=cad10e50dce3732f4d664f8edf0c1d6818373239 commit cad10e50dce3732f4d664f8edf0c1d6818373239 Author: Konstantin Belousov <kib@FreeBSD.org> AuthorDate: 2021-05-22 12:40:00 +0000 Commit: Konstantin Belousov <kib@FreeBSD.org> CommitDate: 2021-06-13 01:22:34 +0000 ktrace: fix a race between writes and close (cherry picked from commit fc369a353b5b5e0f8046687fcbd78a7cd9ad1810) --- sys/kern/kern_ktrace.c | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/sys/kern/kern_ktrace.c b/sys/kern/kern_ktrace.c index 9568a752d820..f8b2cf83e005 100644 --- a/sys/kern/kern_ktrace.c +++ b/sys/kern/kern_ktrace.c @@ -1262,7 +1262,7 @@ ktrsetchildren(struct thread *td, struct proc *top, int ops, int facs, static void ktr_writerequest(struct thread *td, struct ktr_request *req) { - struct ktr_io_params *kiop; + struct ktr_io_params *kiop, *kiop1; struct ktr_header *kth; struct vnode *vp; struct proc *p; @@ -1277,14 +1277,10 @@ ktr_writerequest(struct thread *td, struct ktr_request *req) p = td->td_proc; /* - * We hold the vnode and credential for use in I/O in case ktrace is + * We reference the kiop for use in I/O in case ktrace is * disabled on the process as we write out the request. - * - * XXXRW: This is not ideal: we could end up performing a write after - * the vnode has been closed. */ mtx_lock(&ktrace_mtx); - kiop = p->p_ktrioparms; /* @@ -1296,13 +1292,12 @@ ktr_writerequest(struct thread *td, struct ktr_request *req) return; } + ktr_io_params_ref(kiop); vp = kiop->vp; cred = kiop->cr; lim = kiop->lim; - vrefact(vp); KASSERT(cred != NULL, ("ktr_writerequest: cred == NULL")); - crhold(cred); mtx_unlock(&ktrace_mtx); kth = &req->ktr_header; @@ -1344,9 +1339,11 @@ ktr_writerequest(struct thread *td, struct ktr_request *req) error = VOP_WRITE(vp, &auio, IO_UNIT | IO_APPEND, cred); VOP_UNLOCK(vp); vn_finished_write(mp); - crfree(cred); if (error == 0) { - vrele(vp); + mtx_lock(&ktrace_mtx); + kiop = ktr_io_params_rele(kiop); + mtx_unlock(&ktrace_mtx); + ktr_io_params_free(kiop); return; } @@ -1359,12 +1356,15 @@ ktr_writerequest(struct thread *td, struct ktr_request *req) "ktrace write failed, errno %d, tracing stopped for pid %d\n", error, p->p_pid); + kiop1 = NULL; PROC_LOCK(p); mtx_lock(&ktrace_mtx); if (p->p_ktrioparms != NULL && p->p_ktrioparms->vp == vp) - kiop = ktr_freeproc(p); + kiop1 = ktr_freeproc(p); + kiop = ktr_io_params_rele(kiop); mtx_unlock(&ktrace_mtx); PROC_UNLOCK(p); + ktr_io_params_free(kiop1); ktr_io_params_free(kiop); vrele(vp); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202106130145.15D1jAvT052032>