From owner-svn-src-head@FreeBSD.ORG Thu Dec 2 12:44:51 2010
Return-Path:
Delivered-To: svn-src-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CC2A01065672; Thu, 2 Dec 2010 12:44:51 +0000 (UTC) (envelope-from kib@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id BA3F48FC0A; Thu, 2 Dec 2010 12:44:51 +0000 (UTC)
Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id oB2CipFl007301; Thu, 2 Dec 2010 12:44:51 GMT (envelope-from kib@svn.freebsd.org)
Received: (from kib@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id oB2Cipfm007298; Thu, 2 Dec 2010 12:44:51 GMT (envelope-from kib@svn.freebsd.org)
Message-Id: <201012021244.oB2Cipfm007298@svn.freebsd.org>
From: Konstantin Belousov
Date: Thu, 2 Dec 2010 12:44:51 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Cc:
Subject: svn commit: r216120 - head/sys/fs/procfs
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Thu, 02 Dec 2010 12:44:51 -0000

Author: kib
Date: Thu Dec 2 12:44:51 2010
New Revision: 216120

URL: http://svn.freebsd.org/changeset/base/216120

Log:
  For non-stopped threads, the td_frame pointer is undefined. As a
  consequence, fill_regs() and fill_fpregs() access random data, usually
  on the thread kernel stack. Most often the td_frame points to the
  previous frame saved by the last kernel entry sequence, but this is
  not guaranteed.

  For /proc//{regs,fpregs} read access, require the thread to be in
  stopped state. Otherwise, return EBUSY as is done for the write case.

  Reported and tested by:	pho
  Approved by:	des (procfs maintainer)
  MFC after:	1 week

Modified:
  head/sys/fs/procfs/procfs_fpregs.c
  head/sys/fs/procfs/procfs_regs.c

Modified: head/sys/fs/procfs/procfs_fpregs.c
==============================================================================
--- head/sys/fs/procfs/procfs_fpregs.c	Thu Dec  2 10:46:05 2010	(r216119)
+++ head/sys/fs/procfs/procfs_fpregs.c	Thu Dec  2 12:44:51 2010	(r216120)
@@ -97,6 +97,10 @@ procfs_doprocfpregs(PFS_FILL_ARGS) PROC_UNLOCK(p); return (EPERM); } + if (!P_SHOULDSTOP(p)) { + PROC_UNLOCK(p); + return (EBUSY); + } /* XXXKSE: */ td2 = FIRST_THREAD_IN_PROC(p); Modified: head/sys/fs/procfs/procfs_regs.c ============================================================================== --- head/sys/fs/procfs/procfs_regs.c Thu Dec 2 10:46:05 2010 (r216119) +++ head/sys/fs/procfs/procfs_regs.c Thu Dec 2 12:44:51 2010 (r216120) @@ -97,6 +97,10 @@ procfs_doprocregs(PFS_FILL_ARGS) PROC_UNLOCK(p); return (EPERM); } + if (!P_SHOULDSTOP(p)) { + PROC_UNLOCK(p); + return (EBUSY); + } /* XXXKSE: */ td2 = FIRST_THREAD_IN_PROC(p);
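Review bot: In the procfs_fpregs.c hunk the new gate is process-level, `if (!P_SHOULDSTOP(p))`, while the data is taken from a single thread two lines below, `td2 = FIRST_THREAD_IN_PROC(p);`, and the invariant the commit message states is about a thread being in the stopped state, not about a stop having been requested for the process. A process-level stop flag does not by itself establish that the particular thread whose td_frame fill_fpregs() will dereference has actually parked, so the hunk narrows the window but does not visibly close it. Consider checking the chosen thread after it is picked (for example that td2 is actually suspended, as TD_IS_SUSPENDED(td2) would tell you) and returning EBUSY otherwise, or else extending the XXXKSE comment to say why the process flag is sufficient for the first thread.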
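Review bot: In the procfs_regs.c hunk the EBUSY check sits ahead of `td2 = FIRST_THREAD_IN_PROC(p);` and therefore runs for both read and write requests. The commit message says the write case already returned EBUSY for a non-stopped target, so whatever write-side check exists further down in procfs_doprocregs() (not shown in this hunk) can no longer be reached for that condition and should be dropped in the same commit, leaving this early check as the one place the stopped-state requirement is enforced; the same applies to procfs_doprocfpregs(). The new failure mode for reads is also user-visible, so procfs(5) should mention that reading the regs and fpregs files of a process that is not stopped now fails with EBUSY instead of returning data.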
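As an added check that is not part of r216120 or of the FreeBSD tree: a small C harness of the kind a tester would use to confirm the behaviour this commit changes. It forks a child, reads the child's regs file while the child is merely sleeping in pause() (runnable, not stopped), then stops the child with SIGSTOP, waits for the stop to be reported and reads again. With this commit applied the first read fails with EBUSY and the second succeeds; before it, the first read returns whatever the undefined td_frame pointed at. The harness assumes procfs(5) is mounted on /proc so that the file it opens is /proc/<pid>/regs; on a kernel that does not provide that file (Linux, or FreeBSD without procfs mounted) open(2) fails with ENOENT and the harness reports that rather than pretending to have tested anything. The function and variable names are the harness's own.

```c
/*
 * Added example, not from the FreeBSD commit: probe /proc/<pid>/regs of a
 * child once while it runs and once after it is stopped.  Assumes procfs(5)
 * is mounted on /proc; elsewhere open(2) fails with ENOENT, which is
 * reported as such.
 */
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Results of the two probes: 0 on a successful read, otherwise an errno. */
int probe_running_err = -1;
int probe_stopped_err = -1;

/*
 * Read the register file of pid.  Returns 0 if read(2) succeeded, else the
 * errno from open(2) or read(2).  A successful read on a process that is not
 * stopped is exactly the condition r216120 turns into EBUSY.
 */
int
probe_regs(pid_t pid)
{
	char path[64];
	unsigned char buf[4096];	/* comfortably larger than struct reg */
	ssize_t n;
	int fd, err;

	snprintf(path, sizeof(path), "/proc/%ld/regs", (long)pid);
	fd = open(path, O_RDONLY);
	if (fd < 0)
		return (errno);
	n = read(fd, buf, sizeof(buf));
	err = (n < 0) ? errno : 0;
	close(fd);
	return (err);
}

/*
 * Fork a child that sleeps forever, probe it while runnable, stop it with
 * SIGSTOP, probe it again, then kill and reap it.  Returns 0 on success and
 * -1 if the harness itself (fork/kill/waitpid) failed; the probe results are
 * left in probe_running_err and probe_stopped_err.
 */
int
run_probe(void)
{
	pid_t pid;
	int status;

	pid = fork();
	if (pid < 0)
		return (-1);
	if (pid == 0) {
		for (;;)
			pause();	/* sleeping in the kernel, but not stopped */
	}

	probe_running_err = probe_regs(pid);

	if (kill(pid, SIGSTOP) != 0 ||
	    waitpid(pid, &status, WUNTRACED) != pid || !WIFSTOPPED(status)) {
		kill(pid, SIGKILL);
		waitpid(pid, &status, 0);
		return (-1);
	}
	/* The child has now been reported stopped (P_SHOULDSTOP is set). */
	probe_stopped_err = probe_regs(pid);

	kill(pid, SIGKILL);
	waitpid(pid, &status, 0);
	return (0);
}

int
main(void)
{
	if (run_probe() != 0) {
		perror("run_probe");
		return (1);
	}
	printf("running child: %s\n", probe_running_err == 0 ?
	    "read succeeded (undefined td_frame data returned)" :
	    strerror(probe_running_err));
	printf("stopped child: %s\n", probe_stopped_err == 0 ?
	    "read succeeded" : strerror(probe_stopped_err));
	return (0);
}
```

Run it as a user allowed to debug the child (the EPERM check that precedes the new EBUSY check in both hunks still applies). The useful outcome is the first line: on a kernel with this commit it must never report a successful read, and a successful read there reproduces the report that motivated the change.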