Date: Thu, 9 Jan 2003 12:23:46 -0800
From: Alfred Perlstein
To: hackers@freebsd.org
Cc: dillon@freebsd.org, tegge@freebsd.org
Subject: rfork DoS
Message-ID: <20030109202346.GS33821@elvis.mu.org>

I think there can be a problem if we allow rfork without either
RFCFDG or RFFDG and RFTHREAD.

Basically because we cache the ADVLOCK flag in the proc we may
have a situation where this happens:

  p1 rfork(RFMEM);  /* gets back p2 */
  p2 advlocks some files from the shared table
  p2 exits, but since the refcount on the fdesc is still > 0 we leave it
     alone and leak lock structures.
  p1 exits

Does this make sense as a problem area?  I think we should only allow
filedesc sharing if RFTHREAD is set.  RFTHREAD seems to get it right
because of the peers/leader mechanism.

thanks,
--
-Alfred Perlstein [alfred@freebsd.org]
'Instead of asking why a piece of software is using "1970s technology,"
start asking why software is ignoring 30 years of accumulated wisdom.'
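
Added example, not part of the message above and not FreeBSD kernel code: a userland C model of the p1/p2 sequence, showing where the lock is lost and how the proposed "share only with RFTHREAD" check refuses the call. The struct layout, the M_* flag stand-ins and every function name are assumptions made for this model, and the exit logic is inferred only from the message's description.

```c
#include <stdio.h>

/* Stand-ins for the rfork(2) flag names in the message; values are model-only. */
enum { M_RFFDG = 1 << 2, M_RFMEM = 1 << 5, M_RFCFDG = 1 << 12, M_RFTHREAD = 1 << 13 };

struct fdtable { int refcnt; int locks; };            /* descriptor table + held locks */
struct proc    { struct fdtable *fd; int advlock; };  /* advlock: flag cached per process */

/* The child shares the parent's table when neither RFFDG (copy) nor RFCFDG (clean) is set. */
static int shares_fdtable(int flags) { return !(flags & (M_RFFDG | M_RFCFDG)); }

/* strict != 0 applies the proposed rule: sharing requires RFTHREAD. Returns 0 or -1. */
static int model_rfork(struct proc *parent, struct proc *child,
                       struct fdtable *priv, int flags, int strict)
{
    if (shares_fdtable(flags)) {
        if (strict && !(flags & M_RFTHREAD))
            return -1;                     /* refuse fd sharing without RFTHREAD */
        child->fd = parent->fd;
        child->fd->refcnt++;
    } else {
        priv->refcnt = 1;                  /* child gets its own table */
        priv->locks = 0;
        child->fd = priv;
    }
    child->advlock = 0;
    return 0;
}

static void model_lock(struct proc *p) { p->fd->locks++; p->advlock = 1; }

/* Exit as described: only the last reference holder cleans up, using its own flag. */
static void model_exit(struct proc *p)
{
    if (--p->fd->refcnt > 0) return;       /* table still referenced: left alone */
    if (p->advlock) p->fd->locks = 0;      /* flag set: locks are released */
}

/* Runs the p1/p2 sequence. Returns locks left behind, or -1 if rfork was refused.
 * The RFTHREAD peers/leader cleanup is not modelled here. */
static int run_scenario(int flags, int strict)
{
    struct fdtable shared = { 1, 0 }, priv = { 0, 0 };
    struct proc p1 = { &shared, 0 }, p2 = { 0, 0 };
    if (model_rfork(&p1, &p2, &priv, flags, strict) != 0) return -1;
    model_lock(&p2);                       /* p2 advlocks a file */
    model_exit(&p2);                       /* p2 exits first */
    model_exit(&p1);                       /* p1 exits, its flag was never set */
    return shared.locks + priv.locks;
}

int main(void) { printf("%d %d\n", run_scenario(M_RFMEM, 0), run_scenario(M_RFMEM, 1)); return 0; }
```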