diff options
| author |   guenther <guenther@openbsd.org> | 2014-04-18 11:51:16 +0000 |
|---|---|---|
| committer | guenther <guenther@openbsd.org> | 2014-04-18 11:51:16 +0000 |
| commit | a9ddc28608c80433f03eded670401243dac5208d (patch) | |
| tree | ef25dcedbf9427970755f3d5be11e756e058e542 /sys/kern/kern_fork.c | |
| parent | no more altq hier^Where either (diff) | |
| download | wireguard-openbsd-a9ddc28608c80433f03eded670401243dac5208d.tar.xz wireguard-openbsd-a9ddc28608c80433f03eded670401243dac5208d.zip | |
Have each thread keeps its own (counted!) reference to the process's ucreds
to avoid possible use-after-free references when swapping ids in threaded
processes. "Do I have the right creds?" checks are always made with the
threads creds.
Inspired by FreeBSD and NetBSD
"right time" deraadt@
Diffstat (limited to 'sys/kern/kern_fork.c')
| -rw-r--r-- | sys/kern/kern_fork.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c index 3cec607e7bb..bad4221d5d5 100644 --- a/sys/kern/kern_fork.c +++ b/sys/kern/kern_fork.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_fork.c,v 1.162 2014/03/30 21:54:48 guenther Exp $ */ +/* $OpenBSD: kern_fork.c,v 1.163 2014/04/18 11:51:17 guenther Exp $ */ /* $NetBSD: kern_fork.c,v 1.29 1996/02/09 18:59:34 christos Exp $ */ /* @@ -175,8 +175,9 @@ process_new(struct proc *p, struct process *parent, int flags) (caddr_t)&pr->ps_endcopy - (caddr_t)&pr->ps_startcopy); /* post-copy fixups */ - pr->ps_ucred = parent->ps_ucred; + pr->ps_ucred = p->p_ucred; crhold(pr->ps_ucred); + KASSERT(p->p_ucred->cr_ref >= 3); /* fork thr, new thr, new process */ pr->ps_limit->p_refcnt++; /* bump references to the text vnode (for procfs) */ @@ -318,6 +319,7 @@ fork1(struct proc *curp, int flags, void *stack, pid_t *tidptr, (caddr_t)&p->p_endzero - (caddr_t)&p->p_startzero); memcpy(&p->p_startcopy, &curp->p_startcopy, (caddr_t)&p->p_endcopy - (caddr_t)&p->p_startcopy); + crhold(p->p_ucred); /* * Initialize the timeouts. |