On Wed, 22 Jun 2005 16:52:58 -0500
Dan Nelson <[EMAIL PROTECTED]> wrote:
> In the last episode (Jun 22), Mauser said:
> > Unloading syscall kernel module can cause a system crash. It occurs
> > when we unload the module while a process is executing our syscall.
> > Example:
> >
> > $ cat kldtest.c
> ...
> > static int test_syscall(struct thread *td, void *arg) {
> > struct timeval tv;
> > tv.tv_sec = 15;
> > tv.tv_usec = 0;
> > tsleep(&test_nw,PWAIT,"test",tvtohz(&tv));
> > return 0;
> > }
> ...
> > static int test_load(struct module *mod, int cmd, void *arg) {
> > if(cmd != MOD_LOAD && cmd != MOD_UNLOAD)
> > return EOPNOTSUPP;
> > return 0;
> >
>
> In test_load, you can return a nonzero value on MOD_UNLOAD to abort an
> unload request. See the module(9) manpage for more details. You may
> need to increment a counter or hold a mutex while in the syscall to
> make it easy for test_load to determine whether it's safe to unload or
> not.
>
Yes, I know, I rtfm ;)
This issue occured to me while writing own security-related kld which
modify some syscalls and perform authorization (something like
rexec,cerb). I think that holding a mutex on each of syscalls would be a
bit inefficient. Furthermore I'll need to unset MP_SAFE flags in
modified syscalls to be 100% certain that nobody unload the module while
executing syscall (mutex _after_ calling syscall won't be enough if i'm
not mistaken).
Maciek
----------------------------------------------------------------------
OMNIXMAIL! Jesli masz telefon w sieci Era i dostep do WAP, to mozesz
na komorce odbierac poczte ze wszystkich swoich kont poczty e-mail!
OMNIXMAIL jest w Era Omnix: http://link.interia.pl/f1896
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
