executable open until unmount

Kostik Belousov kostikbel at gmail.com
Thu Jul 17 11:02:53 UTC 2008


On Wed, Jul 16, 2008 at 06:44:07PM +0300, Kostik Belousov wrote:
> On Wed, Jul 16, 2008 at 11:32:28AM -0400, Rick Macklem wrote:
> > Patch looks good. It fixed my problem and hasn't crashed the system yet;-)
> Did you tested both elf executables and #!-scripts ?
> 
> > 
> > Thanks, rick

And, in fact, the patch has a problem. Namely, it does not properly
track the opened status of the text vnode, because exec_check_permissions()
may not have opened it in case of error.

Please, retest the change below.

diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c
index f4335a2..e31ca37 100644
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@@ -369,6 +369,7 @@ do_execve(td, args, mac_p)
 	imgp->entry_addr = 0;
 	imgp->vmspace_destroyed = 0;
 	imgp->interpreted = 0;
+	imgp->opened = 0;
 	imgp->interpreter_name = args->buf + PATH_MAX + ARG_MAX;
 	imgp->auxargs = NULL;
 	imgp->vp = NULL;
@@ -496,6 +497,10 @@ interpret:
 		interplabel = mac_vnode_label_alloc();
 		mac_vnode_copy_label(binvp->v_label, interplabel);
 #endif
+		if (imgp->opened) {
+			VOP_CLOSE(binvp, FREAD, td->td_ucred, td);
+			imgp->opened = 0;
+		}
 		vput(binvp);
 		vm_object_deallocate(imgp->object);
 		imgp->object = NULL;
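Review bot: The two close sites treat the flag differently: under `interpret:` `imgp->opened` is reset after `VOP_CLOSE()`, but the `exec_fail_dealloc` hunk closes `imgp->vp` and leaves the flag set. Nothing in the visible lines reads it afterwards, so this is probably harmless today. Clearing it there as well (`imgp->opened = 0;` after the close, inside braces) would keep the flag meaning "imgp->vp currently holds an open that must be closed" and would prevent a second `VOP_CLOSE()` if that cleanup code is ever reached twice. The close here also assumes `binvp` is the same vnode that `exec_check_permissions()` opened, and that assignment is outside the hunk. Both sections of do_execve() start and end outside the hunks shown.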
@@ -845,6 +850,8 @@ exec_fail_dealloc:
 	if (imgp->vp != NULL) {
 		if (args->fname)
 			NDFREE(ndp, NDF_ONLY_PNBUF);
+		if (imgp->opened)
+			VOP_CLOSE(imgp->vp, FREAD, td->td_ucred, td);
 		vput(imgp->vp);
 	}
 
@@ -1326,6 +1333,8 @@ exec_check_permissions(imgp)
 	 * general case).
 	 */
 	error = VOP_OPEN(vp, FREAD, td->td_ucred, td, NULL);
+	if (error == 0)
+		imgp->opened = 1;
 	return (error);
 }
 
diff --git a/sys/sys/imgact.h b/sys/sys/imgact.h
index 85eaea8..011a7ae 100644
--- a/sys/sys/imgact.h
+++ b/sys/sys/imgact.h
@@ -58,6 +58,7 @@ struct image_params {
 	unsigned long entry_addr; /* entry address of target executable */
 	char vmspace_destroyed;	/* flag - we've blown away original vm space */
 	char interpreted;	/* flag - this executable is interpreted */
+	char opened;		/* flag - we have opened executable vnode */
 	char *interpreter_name;	/* name of the interpreter */
 	void *auxargs;		/* ELF Auxinfo structure pointer */
 	struct sf_buf *firstpage;	/* first page that we mapped */
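Review bot: The comment on the new `opened` field does not say which vnode it refers to or who must undo the open, and that pairing is the point of the change. Something like `char opened; /* flag - imgp->vp was VOP_OPENed by exec_check_permissions(); VOP_CLOSE before vput */` would let a future image activator or cleanup path see the obligation without reading kern_exec.c. struct image_params continues outside the hunk, so any other place that swaps `imgp->vp` is not visible here and should be checked against the same rule.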