[Midnightbsd-cvs] src [9303] trunk/sys/kern: mqueue, ksem, shm: Fix race condition with setting UF_EXCLOSE.

laffer1 at midnightbsd.org laffer1 at midnightbsd.org
Thu Mar 2 18:28:54 EST 2017


Revision: 9303
          http://svnweb.midnightbsd.org/src/?rev=9303
Author:   laffer1
Date:     2017-03-02 18:28:54 -0500 (Thu, 02 Mar 2017)
Log Message:
-----------
mqueue,ksem,shm: Fix race condition with setting UF_EXCLOSE.

POSIX mqueue, compatibility ksem and POSIX shm create a file descriptor that
has close-on-exec set. However, they do this incorrectly, leaving a window
where a thread may fork and exec while the flag has not been set yet. The
race is easily reproduced on a multicore system with one thread doing
shm_open and close and another thread doing posix_spawnp and waitpid.

Set UF_EXCLOSE via falloc()'s flags argument instead. This also simplifies
the code.

Modified Paths:
--------------
    trunk/sys/kern/uipc_mqueue.c
    trunk/sys/kern/uipc_sem.c
    trunk/sys/kern/uipc_shm.c

Modified: trunk/sys/kern/uipc_mqueue.c
===================================================================
--- trunk/sys/kern/uipc_mqueue.c	2017-03-02 23:27:59 UTC (rev 9302)
+++ trunk/sys/kern/uipc_mqueue.c	2017-03-02 23:28:54 UTC (rev 9303)
@@ -1977,7 +1977,7 @@
 	if (len < 2  || path[0] != '/' || index(path + 1, '/') != NULL)
 		return (EINVAL);
 
-	error = falloc(td, &fp, &fd, 0);
+	error = falloc(td, &fp, &fd, O_CLOEXEC);
 	if (error)
 		return (error);
 
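Review bot: The new `falloc(td, &fp, &fd, O_CLOEXEC)` call has no comment explaining why the flag must be given at allocation time. A later refactor could move the close-on-exec setting back after finit() and reopen the window the log describes, in which a fork and exec from another thread inherits the descriptor. I would add above the call `/* O_CLOEXEC goes to falloc() so UF_EXCLOSE is set as the fd is allocated; setting it afterwards races with fork/exec in another thread. */`. The same comment fits the matching falloc() calls in the uipc_sem.c and uipc_shm.c hunks. The enclosing function starts and ends outside this hunk, so whether `fdp` is still needed after the removed FILEDESC_XLOCK block cannot be confirmed from here.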
@@ -2032,10 +2032,6 @@
 	finit(fp, flags & (FREAD | FWRITE | O_NONBLOCK), DTYPE_MQUEUE, pn,
 	    &mqueueops);
 
-	FILEDESC_XLOCK(fdp);
-	if (fdp->fd_ofiles[fd] == fp)
-		fdp->fd_ofileflags[fd] |= UF_EXCLOSE;
-	FILEDESC_XUNLOCK(fdp);
 	td->td_retval[0] = fd;
 	fdrop(fp, td);
 	return (0);

Modified: trunk/sys/kern/uipc_sem.c
===================================================================
--- trunk/sys/kern/uipc_sem.c	2017-03-02 23:27:59 UTC (rev 9302)
+++ trunk/sys/kern/uipc_sem.c	2017-03-02 23:28:54 UTC (rev 9303)
@@ -485,7 +485,7 @@
 
 	fdp = td->td_proc->p_fd;
 	mode = (mode & ~fdp->fd_cmask) & ACCESSPERMS;
-	error = falloc(td, &fp, &fd, 0);
+	error = falloc(td, &fp, &fd, O_CLOEXEC);
 	if (error) {
 		if (name == NULL)
 			error = ENOSPC;
@@ -578,10 +578,6 @@
 
 	finit(fp, FREAD | FWRITE, DTYPE_SEM, ks, &ksem_ops);
 
-	FILEDESC_XLOCK(fdp);
-	if (fdp->fd_ofiles[fd] == fp)
-		fdp->fd_ofileflags[fd] |= UF_EXCLOSE;
-	FILEDESC_XUNLOCK(fdp);
 	fdrop(fp, td);
 
 	return (0);

Modified: trunk/sys/kern/uipc_shm.c
===================================================================
--- trunk/sys/kern/uipc_shm.c	2017-03-02 23:27:59 UTC (rev 9302)
+++ trunk/sys/kern/uipc_shm.c	2017-03-02 23:28:54 UTC (rev 9303)
@@ -533,7 +533,7 @@
 	fdp = td->td_proc->p_fd;
 	cmode = (uap->mode & ~fdp->fd_cmask) & ACCESSPERMS;
 
-	error = falloc(td, &fp, &fd, 0);
+	error = falloc(td, &fp, &fd, O_CLOEXEC);
 	if (error)
 		return (error);
 
@@ -628,10 +628,6 @@
 
 	finit(fp, FFLAGS(uap->flags & O_ACCMODE), DTYPE_SHM, shmfd, &shm_ops);
 
-	FILEDESC_XLOCK(fdp);
-	if (fdp->fd_ofiles[fd] == fp)
-		fdp->fd_ofileflags[fd] |= UF_EXCLOSE;
-	FILEDESC_XUNLOCK(fdp);
 	td->td_retval[0] = fd;
 	fdrop(fp, td);
 


