PERFORCE change 180653 for review
Edward Tomasz Napierala
trasz at FreeBSD.org
Thu Jul 8 18:20:53 UTC 2010
http://p4web.freebsd.org/@@180653?ac=10
Change 180653 by trasz at trasz_victim on 2010/07/08 18:20:09
Add proper error handling to hrl_proc_fork().
Affected files ...
.. //depot/projects/soc2009/trasz_limits/sys/kern/kern_container.c#11 edit
.. //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#81 edit
.. //depot/projects/soc2009/trasz_limits/sys/sys/hrl.h#46 edit
Differences ...
==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_container.c#11 (text+ko) ====
@@ -377,6 +377,9 @@
rusage_set(p, RUSAGE_PTY, 0);
mtx_lock(&container_lock);
+#ifdef HRL
+ hrl_proc_exit(p);
+#endif
container_destroy(&p->p_container);
mtx_unlock(&container_lock);
}
@@ -442,6 +445,14 @@
}
}
+#ifdef HRL
+ error = hrl_proc_fork(parent, child);
+ if (error) {
+ container_destroy(&child->p_container);
+ goto out;
+ }
+#endif
+
out:
mtx_unlock(&container_lock);
PROC_UNLOCK(child);
==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#81 (text+ko) ====
@@ -1525,7 +1525,7 @@
container_leave(&p->p_container, &olduip->ui_container);
error = container_join(&p->p_container, &newuip->ui_container);
- KASSERT(error == 0, ("hrl_proc_init: better error handling needed"));
+ KASSERT(error == 0, ("hrl_proc_ucred_changing: better error handling needed"));
}
if (newlc != oldlc) {
LIST_FOREACH(link, &newlc->lc_container.c_rule_links, hrl_next) {
@@ -1535,7 +1535,7 @@
container_leave(&p->p_container, &oldlc->lc_container);
error = container_join(&p->p_container, &newlc->lc_container);
- KASSERT(error == 0, ("hrl_proc_init: better error handling needed"));
+ KASSERT(error == 0, ("hrl_proc_ucred_changing: better error handling needed"));
}
if (newpr != oldpr) {
LIST_FOREACH(link, &newpr->pr_container.c_rule_links, hrl_next) {
@@ -1545,7 +1545,7 @@
container_leave(&p->p_container, &oldpr->pr_container);
error = container_join(&p->p_container, &newpr->pr_container);
- KASSERT(error == 0, ("hrl_proc_init: better error handling needed"));
+ KASSERT(error == 0, ("hrl_proc_ucred_changing: better error handling needed"));
}
mtx_unlock(&container_lock);
@@ -1554,16 +1554,13 @@
/*
* Assign HRL rules to the newly created process.
*/
-static void
-hrl_proc_fork(void *arg __unused, struct proc *parent, struct proc *child,
- int flags __unused)
+int
+hrl_proc_fork(struct proc *parent, struct proc *child)
{
int error;
struct hrl_rule_link *link;
struct hrl_rule *rule;
- PROC_LOCK(parent);
- PROC_LOCK(child);
mtx_lock(&container_lock);
/*
@@ -1574,29 +1571,41 @@
LIST_FOREACH(link, &parent->p_container.c_rule_links, hrl_next) {
if (link->hrl_rule->hr_subject_type == HRL_SUBJECT_TYPE_PROCESS) {
rule = hrl_rule_duplicate(link->hrl_rule, M_NOWAIT);
- KASSERT(rule != NULL, ("XXX: better error handling needed"));
+ if (rule == NULL)
+ goto fail;
KASSERT(rule->hr_subject.hs_proc == parent,
("rule->hr_subject.hs_proc == parent"));
rule->hr_subject.hs_proc = child;
error = hrl_container_add_rule_locked(&child->p_container, rule);
- KASSERT(error == 0, ("XXX: better error handling needed"));
hrl_rule_release(rule);
+ if (error)
+ goto fail;
} else {
error = hrl_container_add_rule_locked(&child->p_container, link->hrl_rule);
- KASSERT(error == 0, ("XXX: better error handling needed"));
+ if (error)
+ goto fail;
}
}
mtx_unlock(&container_lock);
- PROC_UNLOCK(child);
- PROC_UNLOCK(parent);
+ return (0);
+
+fail:
+ while (!LIST_EMPTY(&child->p_container.c_rule_links)) {
+ link = LIST_FIRST(&child->p_container.c_rule_links);
+ LIST_REMOVE(link, hrl_next);
+ hrl_rule_release(link->hrl_rule);
+ uma_zfree(hrl_rule_link_zone, link);
+ }
+ mtx_unlock(&container_lock);
+ return (EAGAIN);
}
/*
* Go through the process' limits, freeing them.
*/
-static void
-hrl_proc_exit(void *arg __unused, struct proc *p)
+void
+hrl_proc_exit(struct proc *p)
{
struct hrl_rule_link *link;
@@ -1618,10 +1627,6 @@
NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
hrl_rule_zone = uma_zcreate("hrl_rule", sizeof(struct hrl_rule),
NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
- EVENTHANDLER_REGISTER(process_fork, hrl_proc_fork, NULL,
- EVENTHANDLER_PRI_ANY);
- EVENTHANDLER_REGISTER(process_exit, hrl_proc_exit, NULL,
- EVENTHANDLER_PRI_ANY);
}
#else /* !HRL */
==== //depot/projects/soc2009/trasz_limits/sys/sys/hrl.h#46 (text+ko) ====
@@ -122,7 +122,8 @@
int hrl_enforce_proc(struct proc *p, int resource, uint64_t amount);
const char *hrl_resource_name(int resource);
-
+int hrl_proc_fork(struct proc *parent, struct proc *child);
+void hrl_proc_exit(struct proc *p);
#else /* !_KERNEL */
/*
More information about the p4-projects
mailing list