Date: Thu, 17 Jul 2008 14:02:47 +0300 From: Kostik Belousov <kostikbel@gmail.com> To: Rick Macklem <rmacklem@uoguelph.ca> Cc: freebsd-fs@freebsd.org Subject: Re: executable open until unmount Message-ID: <20080717110247.GI17123@deviant.kiev.zoral.com.ua> In-Reply-To: <20080716154407.GG17123@deviant.kiev.zoral.com.ua> References: <Pine.GSO.4.63.0807151453130.12638@muncher.cs.uoguelph.ca> <20080715203641.GA17123@deviant.kiev.zoral.com.ua> <Pine.GSO.4.63.0807161131280.5149@muncher.cs.uoguelph.ca> <20080716154407.GG17123@deviant.kiev.zoral.com.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
--9DMGLuUwtsONN52s
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Wed, Jul 16, 2008 at 06:44:07PM +0300, Kostik Belousov wrote:
> On Wed, Jul 16, 2008 at 11:32:28AM -0400, Rick Macklem wrote:
> > Patch looks good. It fixed my problem and hasn't crashed the system yet=
;-)
> Did you tested both elf executables and #!-scripts ?
>=20
> >=20
> > Thanks, rick
And, in fact, the patch has a problem. Namely, it does not properly
track the opened status of the text vnode, because exec_check_permission()
could not opened it in case of error.
Please, retest the change below.
diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c
index f4335a2..e31ca37 100644
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@@ -369,6 +369,7 @@ do_execve(td, args, mac_p)
imgp->entry_addr =3D 0;
imgp->vmspace_destroyed =3D 0;
imgp->interpreted =3D 0;
+ imgp->opened =3D 0;
imgp->interpreter_name =3D args->buf + PATH_MAX + ARG_MAX;
imgp->auxargs =3D NULL;
imgp->vp =3D NULL;
@@ -496,6 +497,10 @@ interpret:
interplabel =3D mac_vnode_label_alloc();
mac_vnode_copy_label(binvp->v_label, interplabel);
#endif
+ if (imgp->opened) {
+ VOP_CLOSE(binvp, FREAD, td->td_ucred, td);
+ imgp->opened =3D 0;
+ }
vput(binvp);
vm_object_deallocate(imgp->object);
imgp->object =3D NULL;
@@ -845,6 +850,8 @@ exec_fail_dealloc:
if (imgp->vp !=3D NULL) {
if (args->fname)
NDFREE(ndp, NDF_ONLY_PNBUF);
+ if (imgp->opened)
+ VOP_CLOSE(imgp->vp, FREAD, td->td_ucred, td);
vput(imgp->vp);
}
=20
@@ -1326,6 +1333,8 @@ exec_check_permissions(imgp)
* general case).
*/
error =3D VOP_OPEN(vp, FREAD, td->td_ucred, td, NULL);
+ if (error =3D=3D 0)
+ imgp->opened =3D 1;
return (error);
}
=20
diff --git a/sys/sys/imgact.h b/sys/sys/imgact.h
index 85eaea8..011a7ae 100644
--- a/sys/sys/imgact.h
+++ b/sys/sys/imgact.h
@@ -58,6 +58,7 @@ struct image_params {
unsigned long entry_addr; /* entry address of target executable */
char vmspace_destroyed; /* flag - we've blown away original vm space */
char interpreted; /* flag - this executable is interpreted */
+ char opened; /* flag - we have opened executable vnode */
char *interpreter_name; /* name of the interpreter */
void *auxargs; /* ELF Auxinfo structure pointer */
struct sf_buf *firstpage; /* first page that we mapped */
--9DMGLuUwtsONN52s
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (FreeBSD)
iEYEARECAAYFAkh/JtcACgkQC3+MBN1Mb4jh7wCeIKzpRRAfC8k8vjZb/rcvxqZi
UUAAnRZ3AMVIOjAINZaEImONn8TVrHXQ
=7ID2
-----END PGP SIGNATURE-----
--9DMGLuUwtsONN52s--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080717110247.GI17123>