Date: Wed, 14 Jan 2004 13:38:18 -0800 (PST) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 45360 for review Message-ID: <200401142138.i0ELcIws021652@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=45360 Change 45360 by rwatson@rwatson_tislabs on 2004/01/14 13:38:17 Break out memory allocation in audit_proc_init() and audit_proc_fork() into audit_proc_alloc() to match audit_proc_free(). This allows us to avoid memory allocation while holding the process mutex. While here, assert the process mutex for parent and child when forking, since we currently believe p_au and contents will be protected by that lock. While here, fix a memory leak in the MAC code from when process creation fails. Affected files ... .. //depot/projects/trustedbsd/audit2/sys/kern/init_main.c#3 edit .. //depot/projects/trustedbsd/audit2/sys/kern/kern_fork.c#3 edit .. //depot/projects/trustedbsd/audit2/sys/security/audit/audit.c#12 edit .. //depot/projects/trustedbsd/audit2/sys/security/audit/kern_audit.h#11 edit Differences ...
==== //depot/projects/trustedbsd/audit2/sys/kern/init_main.c#3 (text+ko) ====
@@ -398,6 +398,7 @@
 p->p_ucred->cr_ruidinfo = uifind(0);
 p->p_ucred->cr_prison = NULL; /* Don't jail it. */
 #ifdef AUDIT
+ audit_proc_alloc(p);
 audit_proc_init(p);
 #endif
 #ifdef MAC
==== //depot/projects/trustedbsd/audit2/sys/kern/kern_fork.c#3 (text+ko) ====
@@ -290,6 +290,9 @@
 #ifdef MAC
 mac_init_proc(newproc);
 #endif
+#ifdef AUDIT
+ audit_proc_alloc(newproc);
+#endif
 /*
 * Although process entries are dynamically created, we still keep
@@ -739,6 +742,12 @@
 printf("maxproc limit exceeded by uid %i, please see tuning(7) and login.conf(5).\n", uid);
 sx_xunlock(&allproc_lock);
+#ifdef MAC
+ mac_proc_destroy(newproc);
+#endif
+#ifdef AUDIT
+ audit_proc_free(newproc);
+#endif
 uma_zfree(proc_zone, newproc);
 if (p1->p_flag & P_SA) {
 PROC_LOCK(p1);
==== //depot/projects/trustedbsd/audit2/sys/security/audit/audit.c#12 (text+ko) ====
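Review bot: The teardown call added on the failure path is spelled `mac_proc_destroy(newproc)`, while the allocation side in the same file (context of the `@@ -290` hunk) is spelled `mac_init_proc(newproc)`; if the MAC header on this branch pairs that with `mac_destroy_proc()`, a kernel built with MAC enabled will fail to build, so the name should be checked against the header, which is not part of this change. The enclosing function starts and ends outside the hunk, so it is also worth confirming that this is the only exit reachable after the `mac_init_proc()` / `audit_proc_alloc()` calls; any other early return would still leak the label and the audit storage. A short comment above the two `#ifdef` blocks, for example `/* newproc was never linked in: release its MAC label and audit storage. */`, would record why the cleanup lives here.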
@@ -1251,6 +1251,16 @@
 ar->k_ar.ar_valid_arg |= ARG_SVIPC_ADDR;
 }
+/*
+ * Allocate storage for a new process (init, or otherwise).
+ */
+void
+audit_proc_alloc(struct proc *p)
+{
+
+ p->p_au = malloc(sizeof(*p->p_au), M_AUDIT, M_WAITOK);
+}
+
 /*
 * Initialize the audit information for the a process, presumably the first
 * process in the system.
@@ -1261,25 +1271,19 @@
 audit_proc_init(struct proc *p)
 {
- p->p_au = malloc(sizeof(*p->p_au), M_AUDIT, M_WAITOK);
 bzero((void *)p->p_au, sizeof(*p->p_au));
 }
 /*
 * Copy the audit info from the parent process to the child process when
 * a fork takes place.
- * XXX Need to check for failure from the memory allocation, in here
- * as well as in any functions that use the process auditing info.
 */
 void
 audit_proc_fork(struct proc *parent, struct proc *child)
 {
- /* Always set up the audit information pointer as this function
- * should only be called when the proc is new. If proc structures
- * are ever cached and reused, then this behavior will leak memory.
- */
- child->p_au = malloc(sizeof(*child->p_au), M_AUDIT, M_WAITOK);
+ PROC_LOCK_ASSERT(parent, MA_OWNED);
+ PROC_LOCK_ASSERT(child, MA_OWNED);
 bcopy(parent->p_au, child->p_au, sizeof(*child->p_au));
 }
==== //depot/projects/trustedbsd/audit2/sys/security/audit/kern_audit.h#11 (text+ko) ====
@@ -154,6 +154,7 @@
 void audit_arg_svipc_id(int id);
 void audit_arg_svipc_addr(void *addr);
+void audit_proc_alloc(struct proc *p);
 void audit_proc_init(struct proc *p);
 void audit_proc_fork(struct proc *parent, struct proc *child);
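Review bot: `audit_proc_alloc()` hands back uninitialised storage, because the `malloc()` call passes `M_WAITOK` without `M_ZERO`, and on the fork failure path in kern_fork.c `audit_proc_free()` receives that storage before `audit_proc_fork()` has filled it. Changing the call to `p->p_au = malloc(sizeof(*p->p_au), M_AUDIT, M_WAITOK | M_ZERO);` gives every later consumer a defined state and keeps stale kernel heap contents out of the per-process audit structure; the `bzero()` in `audit_proc_init()` then becomes redundant but harmless. The body of `audit_proc_free()` is not in this change, so whether it looks inside the structure could not be checked here. The new header comment should also carry the calling constraint the commit message describes, for example `* May sleep (M_WAITOK); must be called without the process mutex held.`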
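Review bot: With the allocation moved out, `audit_proc_fork()` and `audit_proc_init()` dereference `p_au` on the assumption that `audit_proc_alloc()` has already run for that process, and nothing in the new code checks it. Adding `KASSERT(child->p_au != NULL, ("audit_proc_fork: p_au not allocated"));` next to the two `PROC_LOCK_ASSERT()` lines, with an equivalent check for `parent->p_au` and in `audit_proc_init()`, would turn a missed call site into an immediate diagnostic rather than a NULL dereference inside `bcopy()` or `bzero()`. The function comment for `audit_proc_fork()` should state the new contract as well: both process locks held by the caller, and the child's storage already allocated.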