Page MenuHomeFreeBSD
Differential D6545

filemon exec: Cease tracing if credentials will change with the new image.
ClosedPublic
Actions

Authored by bdrewery on May 24 2016, 9:09 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Dec 2, 2:53 AM
Unknown Object (File)
Mon, Dec 2, 2:53 AM
Unknown Object (File)
Mon, Dec 2, 2:53 AM
Unknown Object (File)
Mon, Dec 2, 2:53 AM
Unknown Object (File)
Mon, Dec 2, 2:33 AM
Unknown Object (File)
Nov 18 2024, 9:12 AM
Unknown Object (File)
Nov 16 2024, 7:30 AM
Unknown Object (File)
Nov 12 2024, 11:06 PM
View All 99 Files
Subscribers
imp

Details

Reviewers
kib
mjg
Commits
rS300890: exec: Cease tracing if credentials will change with the new image.
Summary

This also prevents tracing to a P_INEXEC process since it could race
with other processes attaching to it in filemon_event_process_exec() due
to the filemon_get_proc() race of incrementing ref and then locking the
filemon. With the no-P_INEXEC invariant in place the p_filemon may only
be the same or NULL when trying to drop it in
filemon_event_process_exec().

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division

Test Plan

Ran filemon with script(1) with a suid binary and confirmed that no tracing of
the suid binary or its children were traced. Upon returning from the suid
process, the parent process continued to show its own tracing information.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

bdrewery updated this revision to Diff 16819.May 24 2016, 9:09 PM
bdrewery retitled this revision from to filemon exec: Cease tracing if credentials will change with the new image..
bdrewery updated this object.
bdrewery edited the test plan for this revision. (Show Details)
bdrewery added reviewers: kib, mjg.
Herald added a subscriber: imp. · View Herald TranscriptMay 24 2016, 9:09 PM
bdrewery added a parent revision: D6544: exec: Add credential change information into imgp for process_exec hook..May 24 2016, 9:09 PM
bdrewery updated this revision to Diff 16937.May 26 2016, 8:24 PM
  • Replace removed credential_changing with more proper credential_setid - only cease tracing if going setid
Closed by commit rS300890: exec: Cease tracing if credentials will change with the new image. (authored by bdrewery). · Explain WhyMay 27 2016, 11:57 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
head/
sys/
dev/
filemon/
13 lines
19 lines

Diff 17020

View Options

head/sys/dev/filemon/filemon.c

Loading...
View Options

head/sys/dev/filemon/filemon_wrapper.c

Loading...