- Use suser_cred(9) instead of checking cr_ruid directly.

- For privileged processes safe two mutex operations.

We may want to consider if this is good idea to use SUSER_ALLOWJAIL here,
but for now I didn't wanted to change the original behaviour.

Reviewed by:	rwatson

1 files changed, 10 insertions, 7 deletions

diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c
index c6724b7..3b2de92 100644
--- a/sys/kern/kern_fork.c
+++ b/sys/kern/kern_fork.c
@@ -197,7 +197,6 @@ fork1(td, flags, pages, procp)
 	struct proc **procp;
 {
 	struct proc *p1, *p2, *pptr;
-	uid_t uid;
 	struct proc *newproc;
 	int ok, trypid;
 	static int curfail, pidchecked = 0;
@@ -308,7 +307,6 @@ fork1(td, flags, pages, procp)
 	 * processes, maxproc is the limit.
 	 */
 	sx_xlock(&allproc_lock);
-	uid = td->td_ucred->cr_ruid;
 	if ((nprocs >= maxproc - 10 &&
 	    suser_cred(td->td_ucred, SUSER_RUID) != 0) ||
 	    nprocs >= maxproc) {
@@ -320,10 +318,15 @@ fork1(td, flags, pages, procp)
 	 * Increment the count of procs running with this uid. Don't allow
 	 * a nonprivileged user to exceed their current limit.
 	 */
-	PROC_LOCK(p1);
-	ok = chgproccnt(td->td_ucred->cr_ruidinfo, 1,
-		(uid != 0) ? lim_cur(p1, RLIMIT_NPROC) : 0);
-	PROC_UNLOCK(p1);
+	error = suser_cred(td->td_ucred, SUSER_RUID | SUSER_ALLOWJAIL);
+	if (error == 0)
+		ok = chgproccnt(td->td_ucred->cr_ruidinfo, 1, 0);
+	else {
+		PROC_LOCK(p1);
+		ok = chgproccnt(td->td_ucred->cr_ruidinfo, 1,
+		    lim_cur(p1, RLIMIT_NPROC));
+		PROC_UNLOCK(p1);
+	}
 	if (!ok) {
 		error = EAGAIN;
 		goto fail;
@@ -752,7 +755,7 @@ fail:
 	sx_sunlock(&proctree_lock);
 	if (ppsratecheck(&lastfail, &curfail, 1))
 		printf("maxproc limit exceeded by uid %i, please see tuning(7) and login.conf(5).\n",
-			uid);
+		    td->td_ucred->cr_ruid);
 	sx_xunlock(&allproc_lock);
 #ifdef MAC
 	mac_destroy_proc(newproc);