Date: Tue, 23 Mar 2004 18:16:31 -0500 (EST)
From: Robert Watson
To: Pawel Jakub Dawidek
Cc: freebsd-net@FreeBSD.org
Subject: Re: in_pcbbind_setup(), etc.

On Tue, 23 Mar 2004, Pawel Jakub Dawidek wrote:

> I'm looking at in_pcbbind_setup() and this doesn't look right in a few
> places.
>
> For example: 'td' can be NULL? It is often tested, but not always,
> Line 290:
> 	if (sin->sin_addr.s_addr != INADDR_ANY)
> 		if (prison_ip(td->td_ucred, 0, &sin->sin_addr.s_addr))
> 			return(EINVAL);
> td_ucred is used, but 'td' is not tested.
>
> If this is always current thread, it can't be NULL, right? If this does not
> have to be current thread, we cannot touch td_ucred here, because (from
> proc.h):

Prior to FreeBSD 5.x, curproc could be NULL in interrupt context.
With the introduction of curthread and the move to interrupt threads,
curthread became always non-NULL.  However, sometimes the use of curthread
may not make sense. :-)  I think I'd prefer it if we passed an explicit
credential into a number of these situations, which could be NULL if "the
system" was requesting a service as opposed to an explicit user process.
However, I'm not 100% convinced that is the right approach either.  Note
that we have some similar "confusions" relating to use of cached
credentials in sockets, etc.  The whole issue probably needs to be
discussed after some detailed analysis, and revisited.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Senior Research Scientist, McAfee Research

>
> [...]
>  * k - only accessed by curthread
> [...]
> 	struct ucred	*td_ucred;	/* (k) Reference to credentials. */
> [...]
>
> Not telling that we can just remove this argument if this is always
> current thread.
>
> --
> Pawel Jakub Dawidek                       http://www.FreeBSD.org
> pjd@FreeBSD.org                           http://garage.freebsd.pl
> FreeBSD committer                         Am I Evil? Yes, I Am!
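
Added example, not part of the original message and not FreeBSD code: a userland C sketch of the explicit-credential idea raised in the reply, where a NULL credential stands for "the system" and the check never dereferences a thread pointer it has not tested. All `model_*` names and the simplified jail comparison are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>

#define MODEL_INADDR_ANY 0u

/* Simplified stand-ins (assumptions), not the kernel's structures. */
struct model_prison { uint32_t pr_ip; };                 /* the jail's one address */
struct model_ucred  { struct model_prison *cr_prison; }; /* NULL: not jailed */
struct model_thread { struct model_ucred *td_ucred; };

/* Nonzero when a jailed credential asks for an address other than its jail's. */
static int
model_prison_ip(const struct model_ucred *cred, uint32_t addr)
{
	if (cred->cr_prison == NULL)
		return (0);
	return (addr != cred->cr_prison->pr_ip);
}

/*
 * Bind-time address check taking an explicit credential.
 * Contract: cred == NULL means the request comes from "the system",
 * so no per-user jail restriction is applied and nothing is dereferenced.
 */
static int
model_bind_check(const struct model_ucred *cred, uint32_t addr)
{
	if (addr != MODEL_INADDR_ANY && cred != NULL &&
	    model_prison_ip(cred, addr))
		return (EINVAL);
	return (0);
}

/* Adapter for callers that hold a thread pointer which may be NULL. */
static int
model_bind_check_thread(const struct model_thread *td, uint32_t addr)
{
	return (model_bind_check(td != NULL ? td->td_ucred : NULL, addr));
}

int
main(void)
{
	struct model_prison jail = { 0x0a000001u };  /* constructed sample: 10.0.0.1 */
	struct model_ucred jailed = { &jail };
	struct model_thread td = { &jailed };

	/* A jailed thread asking for 10.0.0.2 must be refused. */
	return (model_bind_check_thread(&td, 0x0a000002u) == EINVAL ? 0 : 1);
}
```
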