Have each thread keeps its own (counted!) reference to the process's ucreds

to avoid possible use-after-free references when swapping ids in threaded processes. "Do I have the right creds?" checks are always made with the threads creds. Inspired by FreeBSD and NetBSD "right time" deraadt@
author: guenther <guenther@openbsd.org> 2014-04-18 11:51:16 +0000
committer: guenther <guenther@openbsd.org> 2014-04-18 11:51:16 +0000
commit: a9ddc28608c80433f03eded670401243dac5208d (patch)
tree: ef25dcedbf9427970755f3d5be11e756e058e542 /sys/kern/kern_exit.c
parent: no more altq hier^Where either (diff)
download: wireguard-openbsd-a9ddc28608c80433f03eded670401243dac5208d.tar.xz
wireguard-openbsd-a9ddc28608c80433f03eded670401243dac5208d.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/kern/kern_exit.c b/sys/kern/kern_exit.c
index 9f16c28216a..37e7c39fbd7 100644
--- a/sys/kern/kern_exit.c
+++ b/sys/kern/kern_exit.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_exit.c,v 1.139 2014/04/17 14:52:50 guenther Exp $	*/
+/*	$OpenBSD: kern_exit.c,v 1.140 2014/04/18 11:51:17 guenther Exp $	*/
 /*	$NetBSD: kern_exit.c,v 1.39 1996/04/22 01:38:25 christos Exp $	*/
 
 /*
@@ -411,6 +411,7 @@ exit2(struct proc *p)
 void
 proc_free(struct proc *p)
 {
+	crfree(p->p_ucred);
 	pool_put(&proc_pool, p);
 	nthreads--;
 }
author	guenther <guenther@openbsd.org>	2014-04-18 11:51:16 +0000
committer	guenther <guenther@openbsd.org>	2014-04-18 11:51:16 +0000
commit	a9ddc28608c80433f03eded670401243dac5208d (patch)
tree	ef25dcedbf9427970755f3d5be11e756e058e542 /sys/kern/kern_exit.c
parent	no more altq hier^Where either (diff)
download	wireguard-openbsd-a9ddc28608c80433f03eded670401243dac5208d.tar.xz wireguard-openbsd-a9ddc28608c80433f03eded670401243dac5208d.zip