PERFORCE change 45360 for review
Robert Watson
rwatson at FreeBSD.org
Wed Jan 14 21:38:18 GMT 2004
http://perforce.freebsd.org/chv.cgi?CH=45360
Change 45360 by rwatson at rwatson_tislabs on 2004/01/14 13:38:17
Break out memory allocation in audit_proc_init() and
audit_proc_fork() into audit_proc_alloc() to match
audit_proc_free(). This allows us to avoid memory
allocation while holding the process mutex. While here,
assert the process mutex for parent and child when
forking, since we currently believe p_au and contents will
be protected by that lock. While here, fix a memory leak
in the MAC code from when process creation fails.
Affected files ...
.. //depot/projects/trustedbsd/audit2/sys/kern/init_main.c#3 edit
.. //depot/projects/trustedbsd/audit2/sys/kern/kern_fork.c#3 edit
.. //depot/projects/trustedbsd/audit2/sys/security/audit/audit.c#12 edit
.. //depot/projects/trustedbsd/audit2/sys/security/audit/kern_audit.h#11 edit
Differences ...
==== //depot/projects/trustedbsd/audit2/sys/kern/init_main.c#3 (text+ko) ====
@@ -398,6 +398,7 @@
p->p_ucred->cr_ruidinfo = uifind(0);
p->p_ucred->cr_prison = NULL; /* Don't jail it. */
#ifdef AUDIT
+ audit_proc_alloc(p);
audit_proc_init(p);
#endif
#ifdef MAC
==== //depot/projects/trustedbsd/audit2/sys/kern/kern_fork.c#3 (text+ko) ====
@@ -290,6 +290,9 @@
#ifdef MAC
mac_init_proc(newproc);
#endif
+#ifdef AUDIT
+ audit_proc_alloc(newproc);
+#endif
/*
* Although process entries are dynamically created, we still keep
@@ -739,6 +742,12 @@
printf("maxproc limit exceeded by uid %i, please see tuning(7) and login.conf(5).\n",
uid);
sx_xunlock(&allproc_lock);
+#ifdef MAC
+ mac_proc_destroy(newproc);
+#endif
+#ifdef AUDIT
+ audit_proc_free(newproc);
+#endif
uma_zfree(proc_zone, newproc);
if (p1->p_flag & P_SA) {
PROC_LOCK(p1);
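Review bot: The MAC teardown added on this failure path is spelled `mac_proc_destroy(newproc)`, while the matching setup in the earlier kern_fork.c hunk is `mac_init_proc(newproc)`; if this branch follows the `mac_init_*`/`mac_destroy_*` naming, the call should be `mac_destroy_proc(newproc);`. Because the line sits inside `#ifdef MAC`, a wrong name would only surface when a kernel is built with the MAC option, so that configuration is worth compiling before submit. I would also release in reverse order of acquisition, with `audit_proc_free(newproc)` ahead of the MAC destroy. The enclosing function starts and ends outside the hunk, so other exits that free `newproc` are not visible here and may need the same pair.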
==== //depot/projects/trustedbsd/audit2/sys/security/audit/audit.c#12 (text+ko) ====
@@ -1251,6 +1251,16 @@
ar->k_ar.ar_valid_arg |= ARG_SVIPC_ADDR;
}
+/*
+ * Allocate storage for a new process (init, or otherwise).
+ */
+void
+audit_proc_alloc(struct proc *p)
+{
+
+ p->p_au = malloc(sizeof(*p->p_au), M_AUDIT, M_WAITOK);
+}
+
/*
* Initialize the audit information for the a process, presumably the first
* process in the system.
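Review bot: `audit_proc_alloc()` returns with `p->p_au` pointing at uninitialized kernel heap, because the `malloc()` call passes only `M_WAITOK`; on the fork path that state lasts from the early call in kern_fork.c until `audit_proc_fork()` copies over it. Passing `M_WAITOK | M_ZERO` would guarantee that no stale heap contents are ever reachable through `p_au`, and would make the `bzero()` in `audit_proc_init()` redundant. The header comment should also state that the function may sleep and must not be called with the process mutex held, since that is the reason it was split out.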
@@ -1261,25 +1271,19 @@
audit_proc_init(struct proc *p)
{
- p->p_au = malloc(sizeof(*p->p_au), M_AUDIT, M_WAITOK);
bzero((void *)p->p_au, sizeof(*p->p_au));
}
/*
* Copy the audit info from the parent process to the child process when
* a fork takes place.
- * XXX Need to check for failure from the memory allocation, in here
- * as well as in any functions that use the process auditing info.
*/
void
audit_proc_fork(struct proc *parent, struct proc *child)
{
- /* Always set up the audit information pointer as this function
- * should only be called when the proc is new. If proc structures
- * are ever cached and reused, then this behavior will leak memory.
- */
- child->p_au = malloc(sizeof(*child->p_au), M_AUDIT, M_WAITOK);
+ PROC_LOCK_ASSERT(parent, MA_OWNED);
+ PROC_LOCK_ASSERT(child, MA_OWNED);
bcopy(parent->p_au, child->p_au, sizeof(*child->p_au));
}
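Review bot: `audit_proc_fork()` now dereferences `parent->p_au` and `child->p_au` in `bcopy()` without allocating either, so it depends on every caller having run `audit_proc_alloc()` first. The two new lock assertions do not cover that; adding `KASSERT(parent->p_au != NULL && child->p_au != NULL, ("audit_proc_fork: p_au not allocated"));` ahead of the copy would turn a NULL `p_au` into a diagnosable assertion rather than a fault inside `bcopy()`. The block comment above the function lost its allocation notes and should gain the new preconditions: both process locks held and `child->p_au` already allocated. The same allocation precondition applies to the `bzero()` in `audit_proc_init()` earlier in this hunk.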
==== //depot/projects/trustedbsd/audit2/sys/security/audit/kern_audit.h#11 (text+ko) ====
@@ -154,6 +154,7 @@
void audit_arg_svipc_id(int id);
void audit_arg_svipc_addr(void *addr);
+void audit_proc_alloc(struct proc *p);
void audit_proc_init(struct proc *p);
void audit_proc_fork(struct proc *parent,
struct proc *child);