Subject: Re: kern/35278: veriexec sometimes feeds user va to log(9)
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: Elad Efrat <elad@NetBSD.org>
List: netbsd-bugs
Date: 12/23/2006 16:45:02
The following reply was made to PR kern/35278; it has been noted by GNATS.
From: Elad Efrat <elad@NetBSD.org>
To: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
Cc: gnats-bugs@NetBSD.org
Subject: Re: kern/35278: veriexec sometimes feeds user va to log(9)
Date: Sat, 23 Dec 2006 18:42:01 +0200
YAMAMOTO Takashi wrote:
>>> after some more thoughts, i remembered that you can't abuse SAVENAME for
>>> this purpose because filesystems have their own use of SAVENAME.
>>> (it's what SAVENAME is for)
>> why? check_exec() already uses it.
>
> it's safe for plain LOOKUPs.
>
>> what will happen if we use it in
>> sys_unlink() and rename_files() too?
>
> it ends up with double-free because filesystem can set
> SAVENAME and free pnbuf by itself,
>
>> (it's working okay here)
>
> it can work for some filesystems like ufs.
that sounds very ugly. what filesystems have these semantics?
-e.