From: Brian Feldman
Date: Thu, 31 Oct 2002 12:51:53 -0800 (PST)
Message-Id: <200210312051.g9VKpr0u015518@repoman.freebsd.org>
Subject: PERFORCE change 20491 for review
To: Perforce Change Reviews

http://perforce.freebsd.org/chv.cgi?CH=20491

Change 20491 by green@green_laptop_2 on 2002/10/31 12:51:02

	* Fix reversed sense of "privileged" checks.
	* Remove case of lock order reversal in thread_userret code.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#32 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#32 (text+ko) ====
@@ -1996,7 +1996,7 @@ subj = SLOT(&cred->cr_label); obj = SLOT(label); - if (!mac_lomac_subject_privileged(subj)) + if (mac_lomac_subject_privileged(subj)) return (EPERM); if (!mac_lomac_high_single(obj)) @@ -2032,7 +2032,7 @@ return (EACCES); #endif - if (!mac_lomac_subject_privileged(subj)) + if (mac_lomac_subject_privileged(subj)) return (EPERM); } @@ -2514,9 +2514,11 @@ struct proc *p = td->td_proc; struct mac_lomac_proc *subj = PSLOT(&p->p_label); struct ucred *newcred, *oldcred; + int dodrop; mtx_lock(&subj->mtx); if (subj->mac_lomac.ml_flags & MAC_LOMAC_FLAG_UPDATE) { + dodrop = 0; mtx_unlock(&subj->mtx); newcred = crget(); /* @@ -2525,23 +2527,27 @@ * user of subj->mtx wouldn't be holding Giant. */ mtx_lock(&Giant); + PROC_LOCK(p); mtx_lock(&subj->mtx); /* * Check if we lost the race while allocating the cred. */ - if ((subj->mac_lomac.ml_flags & MAC_LOMAC_FLAG_UPDATE) == 0) + if ((subj->mac_lomac.ml_flags & MAC_LOMAC_FLAG_UPDATE) == 0) { + crfree(newcred); goto out; - PROC_LOCK(p); + } oldcred = p->p_ucred; crcopy(newcred, oldcred); crhold(newcred); mac_lomac_copy(&subj->mac_lomac, SLOT(&newcred->cr_label)); p->p_ucred = newcred; crfree(oldcred); - PROC_UNLOCK(p); - mac_cred_mmapped_drop_perms(curthread, newcred); + dodrop = 1; out: mtx_unlock(&subj->mtx); + PROC_UNLOCK(p); + if (dodrop) + mac_cred_mmapped_drop_perms(curthread, newcred); mtx_unlock(&Giant); } else { mtx_unlock(&subj->mtx); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
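
Review bot: In the hunk at -1996, the corrected test `if (mac_lomac_subject_privileged(subj)) return (EPERM);` still reads as though privileged subjects were the ones being refused, which invites the same inversion again. The fix implies the function returns 0 for a privileged subject, so write the comparison explicitly (`!= 0`) or add a one-line comment at the call stating that return convention.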
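
Review bot: The check at -2032 was failing open in the same way as the one at -1996, and the change adds no test for either site. With the old `!`, EPERM was returned only when the call returned 0, so every subject for which it returned nonzero passed. A regression test that drives both checks with a privileged and an unprivileged subject would catch a recurrence, and any callers of mac_lomac_subject_privileged outside this diff deserve the same look.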
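
Review bot: In the thread_userret hunks at -2514 and -2525, `crhold(newcred)` takes a second reference on the new credential, but no matching `crfree(newcred)` is visible on the success path after `mac_cred_mmapped_drop_perms(curthread, newcred)`; please confirm where that reference is released, given that the lost-race path now frees its copy explicitly. The comment above `mtx_lock(&Giant)` should also state the acquisition order the new code relies on (Giant, then PROC_LOCK(p), then subj->mtx), since the first `mtx_lock(&subj->mtx)` at the top of the function is still taken without the process lock.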