Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 25 Mar 2004 12:12:35 +0100
From:      Pawel Jakub Dawidek <pjd@FreeBSD.org>
To:        Robert Watson <rwatson@FreeBSD.org>
Cc:        freebsd-net@FreeBSD.org
Subject:   Re: in_pcbbind_setup(), etc.
Message-ID:  <20040325111235.GY8930@darkness.comp.waw.pl>
In-Reply-To: <Pine.NEB.3.96L.1040323181412.20483A-100000@fledge.watson.org>
References:  <20040323123831.GM8930@darkness.comp.waw.pl> <Pine.NEB.3.96L.1040323181412.20483A-100000@fledge.watson.org>
index | next in thread | previous in thread | raw e-mail 

[-- Attachment #1 --]
On Tue, Mar 23, 2004 at 06:16:31PM -0500, Robert Watson wrote:
+> > For example: 'td' can be NULL? It is offten tested, but not always,
+> > Line 290:
+> > 		if (sin->sin_addr.s_addr != INADDR_ANY)
+> > 			if (prison_ip(td->td_ucred, 0, &sin->sin_addr.s_addr))
+> > 				return(EINVAL);
+> > td_ucred is used, but 'td' is not tested.
+> > 
+> > If this is always current thread, it can't be NULL, right?  If this not
+> > have to be current thread, we cannot touch td_ucred here, because (from
+> > proc.h): 
+> 
+> Prior to FreeBSD 5.x, curproc could be NULL in interrupt context.  With
+> the introduction of curthread and the move to interrupt threads, curthread
+> became always non-NULL.  However, sometimes the use of curthread may not
+> make sense.  :-)  I think I'd prefer it if we passed an explicit
+> credential into a number of these situations, which could be NULL if "the
+> system" was requesting a service as opposed to an explicit user process.
+> However, I'm not 100% convinced that is the right approach either.  Note
+> that we have some similar "confusions" relating to use of cached
+> credentials in sockets, etc.  The whole issue probably needs to be
+> discussed after some detailed analysis, and revisited.

Ok, I've add few line at start of in_pcbbind_setup():

	if (td == NULL)
		printf("NULL td in %s\n", __func__);
	if (td != curthread)
		printf("td != curthread in %s\n", __func__);

And I'm seeing 2nd printf() while mounting NFS file systems.
If so, I think using td->td_ucred in this function isn't safe...

-- 
Pawel Jakub Dawidek                       http://www.FreeBSD.org
pjd@FreeBSD.org                           http://garage.freebsd.pl
FreeBSD committer                         Am I Evil? Yes, I Am!

[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)

iD8DBQFAYr6jForvXbEpPzQRAr47AJ0bBy3kVhkKFBcHy+vwn30O5/icpwCgnoW8
/Cn/X6spWO9oNt/UxLW95wM=
=t1Rj
-----END PGP SIGNATURE-----
help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040325111235.GY8930>