>Number: 37555
>Category: kern
>Synopsis: vnode flags appear to be changed in non-safe manner in kern/elf_imgact.c
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Apr 29 01:20:01 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator: Peter Edwards
>Release: 4-STABLE
>Organization:
>Environment:
FreeBSD rocklobster 4.5-STABLE FreeBSD 4.5-STABLE #30: Mon Apr 29 08:00:03 IST 2002 petere@rocklobster:/pub/FreeBSD/work/src/sys/compile/ROCKLOBSTER i386
>Description:
The "VTEXT" flag added by imgact_elf.c is added once while holding the v_interlock simple lock on the vnode in question, and once without. As well as being inconsistent, I assume there's a possible race here for 5.x, which also lacks the simple_lock() around the vnode for one case.
>How-To-Repeat:
>Fix:
--- imgact_elf.c 16 Dec 2001 18:26:16 -0000 1.73.2.9 +++ imgact_elf.c 29 Apr 2002 08:17:42 -0000 @@ -376,8 +376,11 @@ * Also make certain that the interpreter stays the same, so set * its VTEXT flag, too. */ - if (error == 0) + if (error == 0) { + simple_lock(&nd->ni_vp->v_interlock); nd->ni_vp->v_flag |= VTEXT; + simple_unlock(&nd->ni_vp->v_interlock); + } VOP_UNLOCK(nd->ni_vp, 0, p); if (error) goto fail;
>Release-Note:
>Audit-Trail:
>Unformatted:
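Review bot: the new block around `nd->ni_vp->v_flag |= VTEXT;` takes v_interlock while the vnode lock is still held (the `VOP_UNLOCK(nd->ni_vp, 0, p);` follows it), so it is worth confirming that the other VTEXT site mentioned in the description acquires the two locks in the same order. The comment above the block ("Also make certain that the interpreter stays the same ...") could also state that v_flag is modified under v_interlock, so the two sites do not drift apart again. The diff is against revision 1.73.2.9 only; the 5.x case raised in the description is not covered here and needs its own change.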