Page MenuHomeFreeBSD

filemon exec: Cease tracing if credentials will change with the new image.
ClosedPublic

Authored by bdrewery on May 24 2016, 9:09 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Oct 20, 12:06 AM
Unknown Object (File)
Sat, Oct 18, 2:01 AM
Unknown Object (File)
Sat, Oct 18, 12:25 AM
Unknown Object (File)
Fri, Oct 17, 8:55 AM
Unknown Object (File)
Thu, Oct 9, 11:53 PM
Unknown Object (File)
Sat, Sep 27, 9:14 AM
Unknown Object (File)
Sep 22 2025, 9:52 AM
Unknown Object (File)
Sep 12 2025, 4:57 PM
Subscribers

Details

Summary

This also prevents tracing to a P_INEXEC process since it could race
with other processes attaching to it in filemon_event_process_exec() due
to the filemon_get_proc() race of incrementing ref and then locking the
filemon. With the no-P_INEXEC invariant in place the p_filemon may only
be the same or NULL when trying to drop it in
filemon_event_process_exec().

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division

Test Plan

Ran filemon with script(1) with a suid binary and confirmed that no tracing of
the suid binary or its children were traced. Upon returning from the suid
process, the parent process continued to show its own tracing information.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 3933
Build 3976: arc lint + arc unit

Event Timeline

bdrewery retitled this revision from to filemon exec: Cease tracing if credentials will change with the new image..
bdrewery updated this object.
bdrewery edited the test plan for this revision. (Show Details)
bdrewery added reviewers: kib, mjg.
  • Replace removed credential_changing with more proper credential_setid - only cease tracing if going setid
This revision was automatically updated to reflect the committed changes.