git: 4c0a0909f928 - main - pfs_readdir(): block the target process from execing

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Konstantin Belousov <kib_at_FreeBSD.org>
Date: Sun, 21 Jun 2026 11:48:12 UTC
The branch main has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=4c0a0909f928baac982b7de4bfa5b5ca7de5291a

commit 4c0a0909f928baac982b7de4bfa5b5ca7de5291a
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2026-06-07 19:32:20 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2026-06-21 11:46:53 +0000

    pfs_readdir(): block the target process from execing
    
    Reviewed by:    markj
    Tested by:      pho
    Sponsored by:   The FreeBSD Foundation
    MFC after:      1 week
    Differential revision:  https://reviews.freebsd.org/D57497
---
 sys/fs/pseudofs/pseudofs_vnops.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/sys/fs/pseudofs/pseudofs_vnops.c b/sys/fs/pseudofs/pseudofs_vnops.c
index a30b5e4f551d..d14ed15f3329 100644
--- a/sys/fs/pseudofs/pseudofs_vnops.c
+++ b/sys/fs/pseudofs/pseudofs_vnops.c
@@ -37,6 +37,7 @@
 #include <sys/ctype.h>
 #include <sys/dirent.h>
 #include <sys/fcntl.h>
+#include <sys/imgact.h>
 #include <sys/limits.h>
 #include <sys/lock.h>
 #include <sys/malloc.h>
@@ -132,6 +133,7 @@ static int
 pfs_lookup_proc(pid_t pid, struct proc **p)
 {
 	struct proc *proc;
+	struct thread *td;
 
 	proc = pfind(pid);
 	if (proc == NULL)
@@ -141,8 +143,10 @@ pfs_lookup_proc(pid_t pid, struct proc **p)
 		return (0);
 	}
 	_PHOLD(proc);
-	PROC_UNLOCK(proc);
+	td = curthread;
+	execve_block_wait(td, proc);
 	*p = proc;
+	PROC_UNLOCK(proc);
 	return (1);
 }
 
@@ -846,6 +850,7 @@ pfs_readdir(struct vop_readdir_args *va)
 	struct pfs_node *pd = pvd->pvd_pn;
 	pid_t pid = pvd->pvd_pid;
 	struct proc *p, *proc;
+	struct thread *td;
 	struct pfs_node *pn;
 	struct uio *uio;
 	struct pfsentry *pfsent, *pfsent2;
@@ -891,11 +896,13 @@ pfs_readdir(struct vop_readdir_args *va)
 	KASSERT(pid == NO_PID || proc != NULL,
 	    ("%s(): no process for pid %lu", __func__, (unsigned long)pid));
 
+	td = curthread;
 	if (pid != NO_PID) {
 		PROC_LOCK(proc);
 
 		/* check if the directory is visible to the caller */
 		if (!pfs_visible_proc(curthread, pd, proc)) {
+			execve_unblock(td, proc);
 			_PRELE(proc);
 			PROC_UNLOCK(proc);
 			pfs_unlock(pd);
@@ -955,6 +962,7 @@ pfs_readdir(struct vop_readdir_args *va)
 		resid -= PFS_DELEN;
 	}
 	if (proc != NULL) {
+		execve_unblock(td, proc);
 		_PRELE(proc);
 		PROC_UNLOCK(proc);
 	}