CVSROOT: /cvs
Module name: src
Changes by: chel...@cvs.openbsd.org 2021/12/05 15:00:42
Modified files:
sys/kern : kern_fork.c
sys/uvm : uvm_mmap.c
sys/sys : proc.h
Log message:
kbind(2): disable system call if not initialized before first __tfork(2)
To unlock kbind(2) we need to protect ps_kbind_addr and
ps_kbind_cookie.
The simplest way to do this is to disallow kbind(2) initialization
after the first __tfork(2) call. If the first thread does not
initialize the kbind(2) variables before __tfork(2) then we disable
kbind(2) during that first __tfork(2) call.
This is guenther@'s patch, I'm just committing it.
Discussed with guenther@, deraadt@, kettenis@, and mpi@.
ok kettenis@, positive response from mpi@, "I am busy" guenther@
