CoCalc -- exec-8.patch

GitHub Repository: freebsd/freebsd-doc
Path: blob/main/website/static/security/patches/EN-14:06/exec-8.patch
¹⁸⁰⁹⁶ views
1
Index: sys/kern/kern_exec.c
2
===================================================================
3
--- sys/kern/kern_exec.c	(revision 266582)
4
+++ sys/kern/kern_exec.c	(revision 266583)
5
@@ -278,6 +278,7 @@ kern_execve(td, args, mac_p)
6
 	struct mac *mac_p;
7
 {
8
 	struct proc *p = td->td_proc;
9
+	struct vmspace *oldvmspace;
10
 	int error;
11
 
12
 	AUDIT_ARG_ARGV(args->begin_argv, args->argc,
13
@@ -294,6 +295,8 @@ kern_execve(td, args, mac_p)
14
 		PROC_UNLOCK(p);
15
 	}
16
 
17
+	KASSERT((td->td_pflags & TDP_EXECVMSPC) == 0, ("nested execve"));
18
+	oldvmspace = td->td_proc->p_vmspace;
19
 	error = do_execve(td, args, mac_p);
20
 
21
 	if (p->p_flag & P_HADTHREADS) {
22
@@ -308,6 +311,12 @@ kern_execve(td, args, mac_p)
23
 			thread_single_end();
24
 		PROC_UNLOCK(p);
25
 	}
26
+	if ((td->td_pflags & TDP_EXECVMSPC) != 0) {
27
+		KASSERT(td->td_proc->p_vmspace != oldvmspace,
28
+		    ("oldvmspace still used"));
29
+		vmspace_free(oldvmspace);
30
+		td->td_pflags &= ~TDP_EXECVMSPC;
31
+	}
32
 
33
 	return (error);
34
 }
35
Index: sys/kern
36
===================================================================
37
--- sys/kern	(revision 266582)
38
+++ sys/kern	(revision 266583)
39

40
Property changes on: sys/kern
41
___________________________________________________________________
42
Modified: svn:mergeinfo
43
   Merged /head/sys/kern:r266464
44
Index: sys/vm/vm_map.c
45
===================================================================
46
--- sys/vm/vm_map.c	(revision 266582)
47
+++ sys/vm/vm_map.c	(revision 266583)
48
@@ -3521,6 +3521,8 @@ vmspace_exec(struct proc *p, vm_offset_t minuser,
49
 	struct vmspace *oldvmspace = p->p_vmspace;
50
 	struct vmspace *newvmspace;
51
 
52
+	KASSERT((curthread->td_pflags & TDP_EXECVMSPC) == 0,
53
+	    ("vmspace_exec recursed"));
54
 	newvmspace = vmspace_alloc(minuser, maxuser);
55
 	if (newvmspace == NULL)
56
 		return (ENOMEM);
57
@@ -3537,7 +3539,7 @@ vmspace_exec(struct proc *p, vm_offset_t minuser,
58
 	PROC_VMSPACE_UNLOCK(p);
59
 	if (p == curthread->td_proc)
60
 		pmap_activate(curthread);
61
-	vmspace_free(oldvmspace);
62
+	curthread->td_pflags |= TDP_EXECVMSPC;
63
 	return (0);
64
 }
65
 
66
Index: sys/vm
67
===================================================================
68
--- sys/vm	(revision 266582)
69
+++ sys/vm	(revision 266583)
70

71
Property changes on: sys/vm
72
___________________________________________________________________
73
Modified: svn:mergeinfo
74
   Merged /head/sys/vm:r266464
75
Index: sys/sys/proc.h
76
===================================================================
77
--- sys/sys/proc.h	(revision 266582)
78
+++ sys/sys/proc.h	(revision 266583)
79
@@ -414,6 +414,7 @@ do {									\
80
 #define	TDP_AUDITREC	0x01000000 /* Audit record pending on thread */
81
 #define	TDP_RESETSPUR	0x04000000 /* Reset spurious page fault history. */
82
 #define	TDP_NERRNO	0x08000000 /* Last errno is already in td_errno */
83
+#define	TDP_EXECVMSPC	0x40000000 /* Execve destroyed old vmspace */
84
 
85
 /*
86
  * Reasons that the current thread can not be run yet.
87
Index: sys/sys
88
===================================================================
89
--- sys/sys	(revision 266582)
90
+++ sys/sys	(revision 266583)
91

92
Property changes on: sys/sys
93
___________________________________________________________________
94
Modified: svn:mergeinfo
95
   Merged /head/sys/sys:r266464
96
Index: sys
97
===================================================================
98
--- sys	(revision 266582)
99
+++ sys	(revision 266583)
100

101
Property changes on: sys
102
___________________________________________________________________
103
Modified: svn:mergeinfo
104
   Merged /head/sys:r266464
105

106
Product

Resources

Company
