From owner-svn-src-all@FreeBSD.ORG Sat Sep 17 20:48:49 2011 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BB1A41065670; Sat, 17 Sep 2011 20:48:49 +0000 (UTC) (envelope-from trasz@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 902F48FC08; Sat, 17 Sep 2011 20:48:49 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p8HKmnFE098545; Sat, 17 Sep 2011 20:48:49 GMT (envelope-from trasz@svn.freebsd.org) Received: (from trasz@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p8HKmns1098543; Sat, 17 Sep 2011 20:48:49 GMT (envelope-from trasz@svn.freebsd.org) Message-Id: <201109172048.p8HKmns1098543@svn.freebsd.org> From: Edward Tomasz Napierala Date: Sat, 17 Sep 2011 20:48:49 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r225642 - head/sys/kern X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 Sep 2011 20:48:49 -0000 Author: trasz Date: Sat Sep 17 20:48:49 2011 New Revision: 225642 URL: http://svn.freebsd.org/changeset/base/225642 Log: Fix error handling bug that would prevent MAC structures from getting freed properly if resource limit got exceeded. Approved by: re (kib) Modified: head/sys/kern/kern_fork.c Modified: head/sys/kern/kern_fork.c ============================================================================== --- head/sys/kern/kern_fork.c Sat Sep 17 19:55:32 2011 (r225641) +++ head/sys/kern/kern_fork.c Sat Sep 17 20:48:49 2011 (r225642) @@ -863,11 +863,6 @@ fork1(struct thread *td, int flags, int } } else vm2 = NULL; -#ifdef MAC - mac_proc_init(newproc); -#endif - knlist_init_mtx(&newproc->p_klist, &newproc->p_mtx); - STAILQ_INIT(&newproc->p_ktr); /* * XXX: This is ugly; when we copy resource usage, we need to bump @@ -884,6 +879,23 @@ fork1(struct thread *td, int flags, int goto fail1; } +#ifdef RACCT + PROC_LOCK(newproc); + error = racct_add(newproc, RACCT_NPROC, 1); + error += racct_add(newproc, RACCT_NTHR, 1); + PROC_UNLOCK(newproc); + if (error != 0) { + error = EAGAIN; + goto fail1; + } +#endif + +#ifdef MAC + mac_proc_init(newproc); +#endif + knlist_init_mtx(&newproc->p_klist, &newproc->p_mtx); + STAILQ_INIT(&newproc->p_ktr); + /* We have to lock the process tree while we look for a pid. */ sx_slock(&proctree_lock); @@ -901,20 +913,6 @@ fork1(struct thread *td, int flags, int goto fail; } -#ifdef RACCT - /* - * After fork, there is exactly one thread running. - */ - PROC_LOCK(newproc); - error = racct_add(newproc, RACCT_NPROC, 1); - error += racct_add(newproc, RACCT_NTHR, 1); - PROC_UNLOCK(newproc); - if (error != 0) { - error = EAGAIN; - goto fail; - } -#endif - /* * Increment the count of procs running with this uid. Don't allow * a nonprivileged user to exceed their current limit. @@ -946,7 +944,6 @@ fork1(struct thread *td, int flags, int error = EAGAIN; fail: - racct_proc_exit(newproc); sx_sunlock(&proctree_lock); if (ppsratecheck(&lastfail, &curfail, 1)) printf("maxproc limit exceeded by uid %i, please see tuning(7) and login.conf(5).\n", @@ -956,6 +953,7 @@ fail: mac_proc_destroy(newproc); #endif fail1: + racct_proc_exit(newproc); if (vm2 != NULL) vmspace_free(vm2); uma_zfree(proc_zone, newproc);