Date: Thu, 9 Jan 2003 12:37:50 -0800 (PST)
From: Matthew Dillon
Message-Id: <200301092037.h09Kbo9v005055@apollo.backplane.com>
To: Alfred Perlstein
Cc: hackers@FreeBSD.ORG, tegge@FreeBSD.ORG
Subject: Re: rfork DoS
References: <20030109202346.GS33821@elvis.mu.org>

Well, the manual page (which may be out of date) infers that the rfork()
only operates on the current process if RFPROC is not set. If we extend
that to include RFTHREAD then the inference is that either RFPROC or
RFTHREAD must be set and if neither is set an error should be returned.

Am I missing something?

-Matt
Matthew Dillon

:I think there can be a problem if we allow rfork without
:either RFCFDG or RFFDG and RFTHREAD.
:
:Basically because we cache the ADVLOCK flag in the proc
:we may have a situation where this happens:
:
:p1 rfork(RFMEM); /* gets back p2 */
:p2 advlocks some files from the shared table
:p2 exits, but since the refcount on the fdesc is still > 0 we leave it
: alone and leak lock structures.
:p1 exits
:
:Does this make sense as a problem area? I think we should only
:allow filedesc sharing if RFTHREAD is set. RFTHREAD seems to get
:it right because of the peers/leader mechanism.
:
:thanks,
:--
:-Alfred Perlstein [alfred@freebsd.org]
:'Instead of asking why a piece of software is using "1970s technology,"
: start asking why software is ignoring 30 years of accumulated wisdom.'
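
A user-space model of the p1/p2 sequence in the quoted message and of the two flag checks proposed in this thread, added here as an example; it is not FreeBSD kernel code and not code from either author. The bit values, the struct layouts, and the exit logic in `proc_exit()` are assumptions made for the model.

```c
#include <errno.h>
#include <stdio.h>
/* Flag names are from the thread; bit values are local to this model. */
enum { RFFDG = 1 << 2, RFPROC = 1 << 4, RFMEM = 1 << 5, RFCFDG = 1 << 12, RFTHREAD = 1 << 13 };
struct fdtable { int refcnt; int locks; };           /* descriptor table */
struct proc    { struct fdtable *fd; int advlock; }; /* advlock: cached flag */

/* Both checks proposed in the thread, combined into one gate. */
int rfork_check(int flags)
{
    if (!(flags & (RFPROC | RFTHREAD)))
        return EINVAL;   /* neither RFPROC nor RFTHREAD */
    if (!(flags & (RFFDG | RFCFDG | RFTHREAD)))
        return EINVAL;   /* shared table without RFTHREAD */
    return 0;
}

/* Assumed exit path: locks are freed only by the last reference holder, and
   only if that process has the cached flag. Returns locks left behind. */
static int proc_exit(struct proc *p)
{
    if (--p->fd->refcnt > 0)
        return 0;        /* table still referenced: left alone */
    return p->advlock ? 0 : p->fd->locks;
}

/* Replays the p1/p2 sequence; returns leaked locks, or -1 if the checked
   rfork refuses the flags. RFTHREAD's peers/leader cleanup is not modelled. */
int replay(int flags, int enforce)
{
    struct fdtable shared = { 1, 0 }, copy = { 1, 0 };
    struct proc p1 = { &shared, 0 }, p2 = { &copy, 1 };
    if (enforce && rfork_check(flags) != 0)
        return -1;
    if (!(flags & (RFFDG | RFCFDG))) {  /* p2 shares p1's table */
        p2.fd = &shared;
        shared.refcnt++;
    }
    p2.fd->locks += 2;                  /* p2 advlocks two files */
    int leaked = proc_exit(&p2);        /* p2 exits first */
    return leaked + proc_exit(&p1);     /* then p1 */
}

int main(void)
{
    printf("unchecked RFMEM: %d leaked, checked RFMEM: %d, RFPROC|RFFDG: %d leaked\n",
           replay(RFMEM, 0), replay(RFMEM, 1), replay(RFPROC | RFFDG, 1));
    return 0;
}
```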