diff options
| author |   art <art@openbsd.org> | 2000-05-05 08:38:23 +0000 |
|---|---|---|
| committer | art <art@openbsd.org> | 2000-05-05 08:38:23 +0000 |
| commit | c264bd148ca67552c59e1dd28b270967af9e8a03 (patch) | |
| tree | d14db12e1ea85598f9f827a06a1b0abdfca9d5b9 | |
| parent | Add limfree prototype to sys/recosurcevar.h. (diff) | |
| download | wireguard-openbsd-c264bd148ca67552c59e1dd28b270967af9e8a03.tar.xz wireguard-openbsd-c264bd148ca67552c59e1dd28b270967af9e8a03.zip | |
Don't set filesize limit to infinity on exit.
This is only needed in accounting and has to be done carefully because
the limit structures are shared between processes.
Found by Denis A. Doroshenko, analysed by Hannah Schroeter.
| -rw-r--r-- | sys/kern/kern_acct.c | 25 | ||||
| -rw-r--r-- | sys/kern/kern_exit.c | 7 |
2 files changed, 25 insertions, 7 deletions
diff --git a/sys/kern/kern_acct.c b/sys/kern/kern_acct.c index 54ff5542ad5..92555cc28a2 100644 --- a/sys/kern/kern_acct.c +++ b/sys/kern/kern_acct.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_acct.c,v 1.8 2000/03/23 11:26:28 art Exp $ */ +/* $OpenBSD: kern_acct.c,v 1.9 2000/05/05 08:38:23 art Exp $ */ /* $NetBSD: kern_acct.c,v 1.42 1996/02/04 02:15:12 christos Exp $ */ /*- @@ -168,6 +168,8 @@ acct_process(p) struct timeval ut, st, tmp; int s, t; struct vnode *vp; + struct plimit *oplim = NULL; + int error; /* If accounting isn't enabled, don't bother */ vp = acctp; @@ -175,6 +177,16 @@ acct_process(p) return (0); /* + * Raise the file limit so that accounting can't be stopped by the + * user. (XXX - we should think about the cpu limit too). + */ + if (p->p_limit->p_refcnt > 1) { + oplim = p->p_limit; + p->p_limit = limcopy(p->p_limit); + } + p->p_rlimit[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY; + + /* * Get process accounting information. */ @@ -222,8 +234,15 @@ acct_process(p) * Now, just write the accounting information to the file. */ VOP_LEASE(vp, p, p->p_ucred, LEASE_WRITE); - return (vn_rdwr(UIO_WRITE, vp, (caddr_t)&acct, sizeof (acct), - (off_t)0, UIO_SYSSPACE, IO_APPEND|IO_UNIT, p->p_ucred, NULL, p)); + error = vn_rdwr(UIO_WRITE, vp, (caddr_t)&acct, sizeof (acct), + (off_t)0, UIO_SYSSPACE, IO_APPEND|IO_UNIT, p->p_ucred, NULL, p); + + if (oplim) { + limfree(p->p_limit); + p->p_limit = oplim; + } + + return error; } /* diff --git a/sys/kern/kern_exit.c b/sys/kern/kern_exit.c index 97a98643f58..a854b511733 100644 --- a/sys/kern/kern_exit.c +++ b/sys/kern/kern_exit.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_exit.c,v 1.23 2000/04/20 10:03:43 art Exp $ */ +/* $OpenBSD: kern_exit.c,v 1.24 2000/05/05 08:38:23 art Exp $ */ /* $NetBSD: kern_exit.c,v 1.39 1996/04/22 01:38:25 christos Exp $ */ /* @@ -203,7 +203,6 @@ exit1(p, rv) sp->s_leader = NULL; } fixjobc(p, p->p_pgrp, 0); - p->p_rlimit[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY; (void)acct_process(p); #ifdef KTRACE /* @@ -292,8 +291,8 @@ exit1(p, rv) * Other substructures are freed from wait(). */ curproc = NULL; - if (--p->p_limit->p_refcnt == 0) - FREE(p->p_limit, M_SUBPROC); + limfree(p->p_limit); + p->p_limit = NULL; /* * Finally, call machine-dependent code to release the remaining |