Page MenuHomeFreeBSD

filemon exec: Cease tracing if credentials will change with the new image.
ClosedPublic

Authored by bdrewery on May 24 2016, 9:09 PM.

Details

Summary

This also prevents tracing to a P_INEXEC process since it could race
with other processes attaching to it in filemon_event_process_exec() due
to the filemon_get_proc() race of incrementing ref and then locking the
filemon. With the no-P_INEXEC invariant in place the p_filemon may only
be the same or NULL when trying to drop it in
filemon_event_process_exec().

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division

Test Plan

Ran filemon with script(1) with a suid binary and confirmed that no tracing of
the suid binary or its children were traced. Upon returning from the suid
process, the parent process continued to show its own tracing information.

Diff Detail

Repository
rS FreeBSD src repository
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

bdrewery updated this revision to Diff 16819.May 24 2016, 9:09 PM
bdrewery retitled this revision from to filemon exec: Cease tracing if credentials will change with the new image..
bdrewery updated this object.
bdrewery edited the test plan for this revision. (Show Details)
bdrewery added reviewers: kib, mjg.
bdrewery updated this revision to Diff 16937.May 26 2016, 8:24 PM
  • Replace removed credential_changing with more proper credential_setid - only cease tracing if going setid
This revision was automatically updated to reflect the committed changes.