[Cerb-commits] cerb-ng/kcerb cerb_main.c,1.42,1.43 cerb_syscalls.c,1.55,1.56 cerb_syscalls.h,1.18,1.19 cerb_sysctl.c,1.36,1.37 cerb_thread.c,1.28,1.29 cerb_thread.h,1.24,1.25 cerb_trace.c,1.13,1.14

[<da...@us...>]

Update of /cvsroot/cerber/cerb-ng/kcerb
In directory sc8-pr-cvs1:/tmp/cvs-serv31277

Modified Files:
	cerb_main.c cerb_syscalls.c cerb_syscalls.h cerb_sysctl.c 
	cerb_thread.c cerb_thread.h cerb_trace.c 
Log Message:
- When unloading check is some process doean't go through cerb's rules.
  Without this check some panics may occur when cerb is unloaded.
- Locking threads list in fcb_thread_count() now depends on argument.


Index: cerb_main.c
===================================================================
RCS file: /cvsroot/cerber/cerb-ng/kcerb/cerb_main.c,v
retrieving revision 1.42
retrieving revision 1.43
diff -u -d -r1.42 -r1.43
--- cerb_main.c	23 Jul 2003 17:23:57 -0000	1.42
+++ cerb_main.c	3 Aug 2003 19:12:33 -0000	1.43
@@ -93,6 +93,13 @@
 		break;
 	case MOD_UNLOAD:
 		/*
+		 * Check if some process doesn't go through cerb's rules.
+		 */
+		if (vcb_codepath > 0) {
+			error = EBUSY;
+			break;
+		}
+		/*
 		 * Unloading cerb when cerb.rules.lock == 1 or
 		 * kern.securelevel >= 1 is denied.
 		 */

Index: cerb_syscalls.c
===================================================================
RCS file: /cvsroot/cerber/cerb-ng/kcerb/cerb_syscalls.c,v
retrieving revision 1.55
retrieving revision 1.56
diff -u -d -r1.55 -r1.56
--- cerb_syscalls.c	22 Jul 2003 00:13:32 -0000	1.55
+++ cerb_syscalls.c	3 Aug 2003 19:12:34 -0000	1.56
@@ -46,6 +46,8 @@
 
 struct scb_lock	vcb_glock;
 sy_call_t	*tcb_oldscall[SYS_MAXSYSCALL];
+u_int	vcb_codepath = 0;
+struct scb_lock	vcb_cplock;
 
 
 void
@@ -82,6 +84,10 @@
 	int	ret;
 	u_int	syscall;
 
+	MCB_CODEPATH_LOCK();
+	vcb_codepath++;
+	MCB_CODEPATH_UNLOCK();
+
 #ifdef CERB_INITRUN
 	if (uap == NULL)
 		syscall = SYS_MAXSYSCALL;
@@ -89,8 +95,13 @@
 #endif
 		MCB_GETSYSCALLNO(syscall, p);
 
-	if (!MCB_ISCERBON())
-		return (tcb_oldscall[syscall](p, uap));
+	if (!MCB_ISCERBON()) {
+		ret = tcb_oldscall[syscall](p, uap);
+		MCB_CODEPATH_LOCK();
+		vcb_codepath--;
+		MCB_CODEPATH_UNLOCK();
+		return (ret);
+	}
 
 	get_mplock();
 
@@ -104,6 +115,9 @@
 	if (th == NULL) {
 		MCB_XERROR("Cannot allocate memory for thread.");
 		rel_mplock();
+		MCB_CODEPATH_LOCK();
+		vcb_codepath--;
+		MCB_CODEPATH_UNLOCK();
 		return (ENOMEM);
 	}
 
@@ -163,10 +177,6 @@
 	tcb_op[CB_CALL_O](th, NULL, 0, &retv, CB_CALL_O);
 	ret = retv.v_ret;
 end:
-	fcb_mtemp_clear(th);
-#ifdef CERB_TRACE
-	fcb_trace_clear(th);
-#endif
 #ifdef CB_DEBUG_OTHER
 	MCB_DEBUG("RETURN:%u: %d.", th->thd_syscall, ret);
 #endif
@@ -175,6 +185,10 @@
 	fcb_thread_del(th);
 
 	rel_mplock();
+
+	MCB_CODEPATH_LOCK();
+	vcb_codepath--;
+	MCB_CODEPATH_UNLOCK();
 
 	return (ret);
 }

Index: cerb_syscalls.h
===================================================================
RCS file: /cvsroot/cerber/cerb-ng/kcerb/cerb_syscalls.h,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -d -r1.18 -r1.19
--- cerb_syscalls.h	18 Jun 2003 17:34:55 -0000	1.18
+++ cerb_syscalls.h	3 Aug 2003 19:12:34 -0000	1.19
@@ -22,6 +22,7 @@
 extern	struct scb_lock	vcb_glock;
 extern	sy_call_t	*tcb_oldscall[SYS_MAXSYSCALL];
 extern	char		*syscallnames[];
+extern	u_int		vcb_codepath;
 
 
 #define	MCB_GIANT_LOCK()	fcb_lock(curproc, &vcb_glock, "giant_lock")
@@ -31,6 +32,9 @@
 	fcb_unlock(curproc, &vcb_glock, "giant_lock");			\
 } while (0)
 
+#define	MCB_CODEPATH_LOCK()	fcb_lock(curproc, &vcb_cplock, "codepath_lock")
+#define	MCB_CODEPATH_UNLOCK()	\
+	fcb_unlock(curproc, &vcb_cplock, "codepath_lock")
 
 void    fcb_glock_init(void);
 void    fcb_scall_cache(void);

Index: cerb_sysctl.c
===================================================================
RCS file: /cvsroot/cerber/cerb-ng/kcerb/cerb_sysctl.c,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -d -r1.36 -r1.37
--- cerb_sysctl.c	13 Jul 2003 17:51:01 -0000	1.36
+++ cerb_sysctl.c	3 Aug 2003 19:12:34 -0000	1.37
@@ -227,9 +227,7 @@
 
 	CB_SYSCTL_SHUTUP_COMPILER();
 
-	MCB_THREAD_LOCK();
-	n = fcb_thread_count();
-	MCB_THREAD_UNLOCK();
+	n = fcb_thread_count(1);
 	error = sysctl_handle_int(oidp, &n, 0, req);
 	return (error);
 }

Index: cerb_thread.c
===================================================================
RCS file: /cvsroot/cerber/cerb-ng/kcerb/cerb_thread.c,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -d -r1.28 -r1.29
--- cerb_thread.c	23 Jul 2003 17:23:57 -0000	1.28
+++ cerb_thread.c	3 Aug 2003 19:12:34 -0000	1.29
@@ -28,7 +28,7 @@
 
 
 struct scb_lock	vcb_thlock;
-SLIST_HEAD(, scb_thdata)	vcb_thread_head;
+SLIST_HEAD(scb_thread_head, scb_thdata)	vcb_thread_head;
 
 
 void
@@ -70,7 +70,7 @@
 	SLIST_INSERT_HEAD(&vcb_thread_head, tmp, thd_next);
 #ifdef CB_DEBUG_THREAD
 	MCB_DEBUG("Thread: Thread added! Actual number of threads: %u.",
-	    fcb_thread_count());
+	    fcb_thread_count(0));
 #endif
 fill:
 	tmp->thd_proc = p;
@@ -99,59 +99,57 @@
 void
 fcb_thread_del(register struct scb_thdata *th)
 {
-	register struct scb_thdata	*tmp;
 
 	fcb_ask_remove(th);
-	MCB_THREAD_LOCK();
-
-	SLIST_FOREACH(tmp, &vcb_thread_head, thd_next) {
-		if (tmp == th) {
-			fcb_usm_cleanup(th, th->thd_errno);
-			MCB_THREAD_UNLOCK();
-			fcb_fdguard_del(th);
-			MCB_THREAD_LOCK();
-			th->thd_proc = NULL;
-			goto end;
-		}
-	}
-#ifdef CB_DEBUG_THREAD
-	MCB_DEBUG("Thread: No thread for %s.", th->thd_proc->p_comm);
+	fcb_mtemp_clear(th);
+#ifdef CERB_TRACE
+	fcb_trace_clear(th);
 #endif
-end:
-	MCB_THREAD_UNLOCK();
+	fcb_usm_cleanup(th, th->thd_errno);
+	fcb_fdguard_del(th);
+	th->thd_proc = NULL;
 }
 
 void
 fcb_thread_clear(void)
 {
-	register struct scb_thdata	*tmp;
+	SLIST_HEAD(scb_thread_head, scb_thdata)	thread_head;
+	register struct scb_thdata	*th;
 	register u_int	i;
 
 	MCB_THREAD_LOCK();
+	bcopy(&vcb_thread_head, &thread_head, sizeof(vcb_thread_head));
+	SLIST_INIT(&vcb_thread_head);
+	MCB_THREAD_UNLOCK();
 
-	while (!SLIST_EMPTY(&vcb_thread_head)) {
-		tmp = SLIST_FIRST(&vcb_thread_head);
-		SLIST_REMOVE(&vcb_thread_head, tmp, scb_thdata, thd_next);
+	while (!SLIST_EMPTY(&thread_head)) {
+		th = SLIST_FIRST(&thread_head);
+		SLIST_REMOVE(&thread_head, th, scb_thdata, thd_next);
 		for (i = 0; i < CB_NREGS_G; ++i)
-			fcb_regfree(tmp, i);
-		if (tmp->thd_proc != NULL)
-			fcb_usm_cleanup(tmp, 0);
-		fcb_mtemp_clear(tmp);
-		MCB_FREE(tmp);
+			fcb_regfree(th, i);
+		if (th->thd_proc != NULL) {
+			th->thd_errno = 0;
+			fcb_thread_del(th);
+		}
+		MCB_FREE(th);
 	}
-
-	MCB_THREAD_UNLOCK();
 }
 
 u_int
-fcb_thread_count(void)
+fcb_thread_count(int lock)
 {
 	register struct scb_thdata	*tmp;
 	u_int	i = 0;
 
+	if (lock)
+		MCB_THREAD_LOCK();
+
 	SLIST_FOREACH(tmp, &vcb_thread_head, thd_next) {
 		++i;
 	}
+
+	if (lock)
+		MCB_THREAD_UNLOCK();
 
 	return (i);
 }

Index: cerb_thread.h
===================================================================
RCS file: /cvsroot/cerber/cerb-ng/kcerb/cerb_thread.h,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -d -r1.24 -r1.25
--- cerb_thread.h	22 Jul 2003 00:13:32 -0000	1.24
+++ cerb_thread.h	3 Aug 2003 19:12:34 -0000	1.25
@@ -61,7 +61,7 @@
 	    void *uap, int errno, u_int step);
 void	fcb_thread_del(struct scb_thdata *th);
 void	fcb_thread_clear(void);
-u_int	fcb_thread_count(void);
+u_int	fcb_thread_count(int lock);
 struct scb_thdata *fcb_thread_find(struct proc *p);
 
 #endif /* _CERB_THEREAD_H_ */

Index: cerb_trace.c
===================================================================
RCS file: /cvsroot/cerber/cerb-ng/kcerb/cerb_trace.c,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14
--- cerb_trace.c	13 Jul 2003 17:51:01 -0000	1.13
+++ cerb_trace.c	3 Aug 2003 19:12:34 -0000	1.14
@@ -49,9 +49,7 @@
 		MCB_FREE(tr1);
 		tr1 = tr2;
 	}
-#if 0
 	STAILQ_INIT(&(th->thd_trace_head));
-#endif
 }
 
 void