Confusion about process states and invariants
Pawel Jakub Dawidek
pjd at FreeBSD.org
Sun Jun 27 13:13:31 GMT 2004
On Sat, Jun 26, 2004 at 12:38:43PM -0400, Robert Watson wrote:
+> Over the last two weeks, I've seen several reports of panics relating to
+> code making incorrect assumptions about process state, generally relating
+> to the "p_ucred" pointer in new and dying processes. In particular, a
+> number of pieces of code assume that if a process is reachable by the all
+> process list (or other process lists), p_ucred will be valid and non-NULL
+> if the process lock is held on the process. This results in possible NULL
+> pointer dereferences in the PRS_NEW state, and also during the tear-down
+> in kern_wait(). At first glance, the easy answer would appear to be
+> "check for p_ucred to be NULL", but I'm actually of the opinion that I'd
+> prefer we have the non-NULL p_ucred invariant actually hold true. This
+> would permit security checks to be performed properly during those
+> windows. I'm not very familiar with our process state and locking, but if
+> someone with a more qualified background in that area could comment on the
+> current issue, that would be useful.
Couldn't we move crhold() for p_ucred before it is placed on the allproc list?
--
Pawel Jakub Dawidek http://www.FreeBSD.org
pjd at FreeBSD.org http://garage.freebsd.pl
FreeBSD committer Am I Evil? Yes, I Am!
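The ordering asked about above, as an added userspace sketch that is not part of the original message and is not FreeBSD source: the credential reference is taken before the process becomes reachable from the list, so a walker can dereference p_ucred even in PRS_NEW. It goes beyond the question by also mirroring the order at teardown (unlink first, drop the credential last). Assumptions: the struct layouts, `proc_create`, `proc_destroy` and `count_owned_by` are hypothetical, and locking is omitted because the model is single-threaded.

```c
#include <stdlib.h>

/* Userspace model only: names echo the thread, none of this is FreeBSD source. */
enum { PRS_NEW, PRS_NORMAL };
struct ucred { int cr_ref; unsigned cr_uid; };
struct proc { struct ucred *p_ucred; int p_state; struct proc *p_next; };

static struct proc *allproc;            /* models the all-process list */

static struct ucred *crhold(struct ucred *cr) { cr->cr_ref++; return cr; }
static void crfree(struct ucred *cr) { cr->cr_ref--; }

/* Creation: take the credential reference first, link onto the list second. */
static struct proc *proc_create(struct ucred *cr)
{
    struct proc *p = calloc(1, sizeof(*p));
    if (p == NULL)
        return NULL;
    p->p_state = PRS_NEW;
    p->p_ucred = crhold(cr);            /* invariant holds ... */
    p->p_next = allproc;                /* ... before p is reachable */
    allproc = p;
    return p;
}

/* Teardown (assumed mirror image): unlink first, drop the credential last. */
static void proc_destroy(struct proc *p)
{
    struct proc **pp;
    for (pp = &allproc; *pp != NULL; pp = &(*pp)->p_next)
        if (*pp == p) { *pp = p->p_next; break; }
    crfree(p->p_ucred);
    free(p);
}

/* A list walker that dereferences p_ucred with no NULL check, PRS_NEW included. */
static int count_owned_by(unsigned uid)
{
    int n = 0;
    for (struct proc *p = allproc; p != NULL; p = p->p_next)
        if (p->p_ucred->cr_uid == uid)
            n++;
    return n;
}

int main(void)
{
    struct ucred cr = { 1, 1001 };      /* constructed sample credential */
    struct proc *p = proc_create(&cr);
    int ok = p != NULL && count_owned_by(1001) == 1;
    if (p != NULL) proc_destroy(p);
    return ok ? 0 : 1;
}
```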
More information about the freebsd-arch mailing list