Date: Thu, 8 Jul 2010 18:20:53 GMT From: Edward Tomasz Napierala <trasz@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 180653 for review Message-ID: <201007081820.o68IKrMH092616@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://p4web.freebsd.org/@@180653?ac=10 Change 180653 by trasz@trasz_victim on 2010/07/08 18:20:09 Add proper error handling to hrl_proc_fork(). Affected files ... .. //depot/projects/soc2009/trasz_limits/sys/kern/kern_container.c#11 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#81 edit .. //depot/projects/soc2009/trasz_limits/sys/sys/hrl.h#46 edit Differences ... ==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_container.c#11 (text+ko) ==== @@ -377,6 +377,9 @@ rusage_set(p, RUSAGE_PTY, 0); mtx_lock(&container_lock); +#ifdef HRL + hrl_proc_exit(p); +#endif container_destroy(&p->p_container); mtx_unlock(&container_lock); } @@ -442,6 +445,14 @@ } } +#ifdef HRL + error = hrl_proc_fork(parent, child); + if (error) { + container_destroy(&child->p_container); + goto out; + } +#endif + out: mtx_unlock(&container_lock); PROC_UNLOCK(child); ==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#81 (text+ko) ==== @@ -1525,7 +1525,7 @@ container_leave(&p->p_container, &olduip->ui_container); error = container_join(&p->p_container, &newuip->ui_container); - KASSERT(error == 0, ("hrl_proc_init: better error handling needed")); + KASSERT(error == 0, ("hrl_proc_ucred_changing: better error handling needed")); } if (newlc != oldlc) { LIST_FOREACH(link, &newlc->lc_container.c_rule_links, hrl_next) { @@ -1535,7 +1535,7 @@ container_leave(&p->p_container, &oldlc->lc_container); error = container_join(&p->p_container, &newlc->lc_container); - KASSERT(error == 0, ("hrl_proc_init: better error handling needed")); + KASSERT(error == 0, ("hrl_proc_ucred_changing: better error handling needed")); } if (newpr != oldpr) { LIST_FOREACH(link, &newpr->pr_container.c_rule_links, hrl_next) { @@ -1545,7 +1545,7 @@ container_leave(&p->p_container, &oldpr->pr_container); error = container_join(&p->p_container, &newpr->pr_container); - KASSERT(error == 0, ("hrl_proc_init: better error handling needed")); + KASSERT(error == 0, ("hrl_proc_ucred_changing: better error handling needed")); } mtx_unlock(&container_lock); @@ -1554,16 +1554,13 @@ /* * Assign HRL rules to the newly created process. */ -static void -hrl_proc_fork(void *arg __unused, struct proc *parent, struct proc *child, - int flags __unused) +int +hrl_proc_fork(struct proc *parent, struct proc *child) { int error; struct hrl_rule_link *link; struct hrl_rule *rule; - PROC_LOCK(parent); - PROC_LOCK(child); mtx_lock(&container_lock); /* @@ -1574,29 +1571,41 @@ LIST_FOREACH(link, &parent->p_container.c_rule_links, hrl_next) { if (link->hrl_rule->hr_subject_type == HRL_SUBJECT_TYPE_PROCESS) { rule = hrl_rule_duplicate(link->hrl_rule, M_NOWAIT); - KASSERT(rule != NULL, ("XXX: better error handling needed")); + if (rule == NULL) + goto fail; KASSERT(rule->hr_subject.hs_proc == parent, ("rule->hr_subject.hs_proc == parent")); rule->hr_subject.hs_proc = child; error = hrl_container_add_rule_locked(&child->p_container, rule); - KASSERT(error == 0, ("XXX: better error handling needed")); hrl_rule_release(rule); + if (error) + goto fail; } else { error = hrl_container_add_rule_locked(&child->p_container, link->hrl_rule); - KASSERT(error == 0, ("XXX: better error handling needed")); + if (error) + goto fail; } } mtx_unlock(&container_lock); - PROC_UNLOCK(child); - PROC_UNLOCK(parent); + return (0); + +fail: + while (!LIST_EMPTY(&child->p_container.c_rule_links)) { + link = LIST_FIRST(&child->p_container.c_rule_links); + LIST_REMOVE(link, hrl_next); + hrl_rule_release(link->hrl_rule); + uma_zfree(hrl_rule_link_zone, link); + } + mtx_unlock(&container_lock); + return (EAGAIN); } /* * Go through the process' limits, freeing them. */ -static void -hrl_proc_exit(void *arg __unused, struct proc *p) +void +hrl_proc_exit(struct proc *p) { struct hrl_rule_link *link; @@ -1618,10 +1627,6 @@ NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE); hrl_rule_zone = uma_zcreate("hrl_rule", sizeof(struct hrl_rule), NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE); - EVENTHANDLER_REGISTER(process_fork, hrl_proc_fork, NULL, - EVENTHANDLER_PRI_ANY); - EVENTHANDLER_REGISTER(process_exit, hrl_proc_exit, NULL, - EVENTHANDLER_PRI_ANY); } #else /* !HRL */ ==== //depot/projects/soc2009/trasz_limits/sys/sys/hrl.h#46 (text+ko) ==== @@ -122,7 +122,8 @@ int hrl_enforce_proc(struct proc *p, int resource, uint64_t amount); const char *hrl_resource_name(int resource); - +int hrl_proc_fork(struct proc *parent, struct proc *child); +void hrl_proc_exit(struct proc *p); #else /* !_KERNEL */ /*
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201007081820.o68IKrMH092616>