GitHub Repository: freebsd/freebsd-doc
Path: blob/main/website/static/security/patches/EN-14:06/exec-10.patch
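Index: sys/sys/proc.h
===================================================================
--- sys/sys/proc.h (revision 266581)
+++ sys/sys/proc.h (revision 266582)
@@ -425,6 +425,7 @@ do { \
 #define TDP_NERRNO 0x08000000 /* Last errno is already in td_errno */
 #define TDP_UIOHELD 0x10000000 /* Current uio has pages held in td_ma */
 #define TDP_DEVMEMIO 0x20000000 /* Accessing memory for /dev/mem */
+#define TDP_EXECVMSPC 0x40000000 /* Execve destroyed old vmspace */
 
 /*
 * Reasons that the current thread can not be run yet.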
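Review bot: The comment on `TDP_EXECVMSPC` says the old vmspace was destroyed, but elsewhere in this patch vmspace_exec sets the flag in place of calling `vmspace_free(oldvmspace)`, so while the flag is set the old vmspace is still waiting to be released. A wording such as `/* Execve replaced vmspace; old one not yet freed */` would match how kern_execve uses the flag and would tell a reader that a set flag means a reference is still outstanding.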
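Index: sys/kern/kern_exec.c
===================================================================
--- sys/kern/kern_exec.c (revision 266581)
+++ sys/kern/kern_exec.c (revision 266582)
@@ -283,6 +283,7 @@ kern_execve(td, args, mac_p)
 struct mac *mac_p;
 {
 struct proc *p = td->td_proc;
+ struct vmspace *oldvmspace;
 int error;
 
 AUDIT_ARG_ARGV(args->begin_argv, args->argc,
@@ -299,6 +300,8 @@ kern_execve(td, args, mac_p)
 PROC_UNLOCK(p);
 }
 
+ KASSERT((td->td_pflags & TDP_EXECVMSPC) == 0, ("nested execve"));
+ oldvmspace = td->td_proc->p_vmspace;
 error = do_execve(td, args, mac_p);
 
 if (p->p_flag & P_HADTHREADS) {
@@ -313,6 +316,12 @@ kern_execve(td, args, mac_p)
 thread_single_end();
 PROC_UNLOCK(p);
 }
+ if ((td->td_pflags & TDP_EXECVMSPC) != 0) {
+ KASSERT(td->td_proc->p_vmspace != oldvmspace,
+ ("oldvmspace still used"));
+ vmspace_free(oldvmspace);
+ td->td_pflags &= ~TDP_EXECVMSPC;
+ }
 
 return (error);
 }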
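Review bot: The deferred `vmspace_free(oldvmspace)` at the end of kern_execve runs only when `do_execve()` returns to this function, so any path that ends the process after vmspace_exec has set `TDP_EXECVMSPC` would leave the old vmspace reference unreleased. do_execve's body is not part of this patch, so this needs checking there; if such an exit path exists, the release-and-clear sequence should move into a small helper that both sites call. Separately, the `p_vmspace != oldvmspace` test is only a KASSERT, which is presumably compiled out of non-INVARIANTS kernels, so the invariant deserves a comment above the block, for example `/* vmspace_exec() left the old vmspace for us to free; drop it now that single-threading has ended. */`. The body of kern_execve continues outside the hunks shown.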
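Index: sys/vm/vm_map.c
===================================================================
--- sys/vm/vm_map.c (revision 266581)
+++ sys/vm/vm_map.c (revision 266582)
@@ -3751,6 +3751,8 @@ vmspace_exec(struct proc *p, vm_offset_t minuser,
 struct vmspace *oldvmspace = p->p_vmspace;
 struct vmspace *newvmspace;
 
+ KASSERT((curthread->td_pflags & TDP_EXECVMSPC) == 0,
+ ("vmspace_exec recursed"));
 newvmspace = vmspace_alloc(minuser, maxuser, NULL);
 if (newvmspace == NULL)
 return (ENOMEM);
@@ -3767,7 +3769,7 @@ vmspace_exec(struct proc *p, vm_offset_t minuser,
 PROC_VMSPACE_UNLOCK(p);
 if (p == curthread->td_proc)
 pmap_activate(curthread);
- vmspace_free(oldvmspace);
+ curthread->td_pflags |= TDP_EXECVMSPC;
 return (0);
 }
 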
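Review bot: `curthread->td_pflags |= TDP_EXECVMSPC` is set unconditionally, although the line just above still tests `p == curthread->td_proc`, which suggests the function allows a `p` that is not the current process. In that case nothing visible in this patch would free the old vmspace, and the flag would stay set on an unrelated thread. Because the `vmspace_free(oldvmspace)` call was removed here, every caller now relies on kern_execve to release the reference, and that contract is not written down. I would add `KASSERT(p == curthread->td_proc, ("vmspace_exec: not curproc"));` beside the new recursion assertion, or at least a comment before the flag assignment such as `/* Caller (kern_execve) frees oldvmspace once it sees TDP_EXECVMSPC. */`. The middle of vmspace_exec lies between the two hunks and is not shown.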
69
Index: .
70
===================================================================
71
--- . (revision 266581)
72
+++ . (revision 266582)
73
74
Property changes on: .
75
___________________________________________________________________
76
Modified: svn:mergeinfo
77
Merged /head:r266464
78
79