
use crcopysafe(9) to update a process' credential in sys_cap_enter()
ClosedPublic

Authored by markj on Jan 5 2015, 10:12 PM.

Details

Summary

At the moment, sys_cap_enter() uses crcopy(9) to make a copy of a process' credential struct; it sets a flag on the copy and updates the process' p_ucred to point to the new copy. All of this is done while the corresponding proc lock is held.

crcopy(9) potentially performs an M_WAITOK allocation, which is not allowed when a mutex is held. This change modifies sys_cap_enter() to use crcopysafe(9) instead, since it's designed to avoid this problem.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

markj retitled this revision from to use crcopysafe(9) to update a process' credential in sys_cap_enter().
markj updated this object.
markj edited the test plan for this revision.
markj added reviewers: capsicum, rwatson.
markj updated this revision to Diff 3007.

Closed by commit rS276727 (authored by @markj).
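
The locking problem described in the summary, as an added userland model that is not part of the revision or of FreeBSD's source: a copy made under the lock triggers a sleeping allocation, while the safe variant sizes the new credential with the lock dropped and rechecks after retaking it. All names (`alloc_waitok`, `cred_extend`, `enter_capmode`, `CAPMODE_FLAG`) are hypothetical, the lock is a plain flag, and the drop-and-recheck loop is this model's assumption about how such a helper avoids the problem.

```c
#include <stdio.h>
#include <stdlib.h>
struct cred { int flags, ngroups, agroups; int *groups; };
struct proc { struct cred *cred; };  /* userland model, hypothetical names, not kernel code */
#define CAPMODE_FLAG 0x1             /* stand-in for the flag sys_cap_enter() sets */
static int lock_held, violations;    /* proc lock state; sleeping allocs made under it */
static void *alloc_waitok(size_t n) {            /* models an M_WAITOK allocation */
    void *p = calloc(1, n);
    if (p == NULL) abort();
    violations += lock_held;                     /* may sleep: not allowed under a mutex */
    return p;
}
static void cred_extend(struct cred *c, int n) { /* grow group storage */
    if (n <= c->agroups) return;
    free(c->groups);
    c->groups = alloc_waitok((size_t)n * sizeof(int));
    c->agroups = n;
}
static void cred_copy(struct cred *d, const struct cred *s) {
    cred_extend(d, s->ngroups);                  /* allocates only if d is too small */
    d->flags = s->flags; d->ngroups = s->ngroups;
    for (int i = 0; i < s->ngroups; i++) d->groups[i] = s->groups[i];
}
static struct proc make_proc(int ngroups) {      /* constructed sample input */
    struct proc p = { alloc_waitok(sizeof(struct cred)) };
    cred_extend(p.cred, ngroups);
    for (int i = 0; i < ngroups; i++) p.cred->groups[p.cred->ngroups++] = 100 + i;
    return p;
}
/* safe != 0: size the new cred with the lock dropped, then recheck under it. */
static int enter_capmode(struct proc *p, int safe) {
    struct cred *n = alloc_waitok(sizeof(*n)), *old;
    violations = 0; lock_held = 1;               /* take the proc lock */
    while (safe && n->agroups < p->cred->ngroups) {
        int want = p->cred->ngroups;             /* read while locked */
        lock_held = 0;                           /* unlock before sleeping */
        cred_extend(n, want);
        lock_held = 1;                           /* relock; cred may have changed */
    }
    cred_copy(n, old = p->cred);                 /* unsafe path allocates here */
    n->flags |= CAPMODE_FLAG;
    p->cred = n; lock_held = 0;                  /* publish the copy, unlock */
    free(old->groups); free(old);
    return violations;                           /* sleeping allocs seen under the lock */
}
int main(void) {
    struct proc a = make_proc(3), b = make_proc(3);
    printf("unsafe: %d, safe: %d\n", enter_capmode(&a, 0), enter_capmode(&b, 1));
    return 0;
}
```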