Pair the VOP_OPEN call from do_execve() with the reciprocal VOP_CLOSE.

This was unnoticed because local filesystems usually do nothing
non-trivial in the close vop.

Reported and tested by:	Rick Macklem
MFC after:	2 weeks

2 files changed, 10 insertions, 0 deletions

diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c
index f4335a2..e31ca37 100644
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@@ -369,6 +369,7 @@ do_execve(td, args, mac_p)
 	imgp->entry_addr = 0;
 	imgp->vmspace_destroyed = 0;
 	imgp->interpreted = 0;
+	imgp->opened = 0;
 	imgp->interpreter_name = args->buf + PATH_MAX + ARG_MAX;
 	imgp->auxargs = NULL;
 	imgp->vp = NULL;
@@ -496,6 +497,10 @@ interpret:
 		interplabel = mac_vnode_label_alloc();
 		mac_vnode_copy_label(binvp->v_label, interplabel);
 #endif
+		if (imgp->opened) {
+			VOP_CLOSE(binvp, FREAD, td->td_ucred, td);
+			imgp->opened = 0;
+		}
 		vput(binvp);
 		vm_object_deallocate(imgp->object);
 		imgp->object = NULL;
@@ -845,6 +850,8 @@ exec_fail_dealloc:
 	if (imgp->vp != NULL) {
 		if (args->fname)
 			NDFREE(ndp, NDF_ONLY_PNBUF);
+		if (imgp->opened)
+			VOP_CLOSE(imgp->vp, FREAD, td->td_ucred, td);
 		vput(imgp->vp);
 	}
 
@@ -1326,6 +1333,8 @@ exec_check_permissions(imgp)
 	 * general case).
 	 */
 	error = VOP_OPEN(vp, FREAD, td->td_ucred, td, NULL);
+	if (error == 0)
+		imgp->opened = 1;
 	return (error);
 }
 
diff --git a/sys/sys/imgact.h b/sys/sys/imgact.h
index 85eaea8..011a7ae 100644
--- a/sys/sys/imgact.h
+++ b/sys/sys/imgact.h
@@ -58,6 +58,7 @@ struct image_params {
 	unsigned long entry_addr; /* entry address of target executable */
 	char vmspace_destroyed;	/* flag - we've blown away original vm space */
 	char interpreted;	/* flag - this executable is interpreted */
+	char opened;		/* flag - we have opened executable vnode */
 	char *interpreter_name;	/* name of the interpreter */
 	void *auxargs;		/* ELF Auxinfo structure pointer */
 	struct sf_buf *firstpage;	/* first page that we mapped */