PERFORCE change 156451 for review
Robert Watson
rwatson at FreeBSD.org
Tue Jan 20 15:33:05 PST 2009
http://perforce.freebsd.org/chv.cgi?CH=156451
Change 156451 by rwatson at rwatson_freebsd_capabilities on 2009/01/20 23:32:12
If a capability-mode process manages to get into namei(),
print a stack trace if KDB is compiled into the kernel.
Affected files ...
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/vfs_lookup.c#6 edit
Differences ...
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/vfs_lookup.c#6 (text+ko) ====
@@ -37,6 +37,7 @@
#include <sys/cdefs.h>
__FBSDID("$FreeBSD: src/sys/kern/vfs_lookup.c,v 1.117 2008/12/18 11:58:12 kib Exp $");
+#include "opt_kdb.h"
#include "opt_ktrace.h"
#include "opt_mac.h"
@@ -54,6 +55,9 @@
#include <sys/proc.h>
#include <sys/syscallsubr.h>
#include <sys/sysctl.h>
+#ifdef KDB
+#include <sys/kdb.h>
+#endif
#ifdef KTRACE
#include <sys/ktrace.h>
#endif
@@ -128,6 +132,14 @@
struct proc *p = td->td_proc;
int vfslocked;
+#ifdef KDB
+ if (td->td_ucred->cr_flags & CRED_FLAG_CAPMODE) {
+ printf("namei: pid %d proc %s performed namei in capability "
+ "mode\n", p->p_pid, p->p_comm);
+ kdb_backtrace();
+ }
+#endif
+
KASSERT((cnp->cn_flags & MPSAFE) != 0 || mtx_owned(&Giant) != 0,
("NOT MPSAFE and Giant not held"));
ndp->ni_cnd.cn_cred = ndp->ni_cnd.cn_thread->td_ucred;
More information about the p4-projects
mailing list