From d48f610611ee01e573ef58214ba4d2bff38e6035 Mon Sep 17 00:00:00 2001
From: rin
Date: Wed, 22 Sep 2021 05:42:19 +0000
Subject: [PATCH] ksymsmmap: Add missing uao_reference(9) call for ks->ks_uobj.
Fix failure for savecore(8) and subsequent kernel panic, introduced to kern_ksyms.c rev 1.03, at least for sh3 and alpha. For sh3 and alpha, savecore(8) supports coff and ecoff, respectively, via libkvm via nlist(3). nlist(3) routines for coff and ecoff use mmap(2) and munmap(2) for /dev/ksyms. This munmap(2) decrements reference count for ks->ks_uobj. Unless it is incremented in ksymsmmap(), ks->ks_uobj will be freed unexpectedly.
---
 sys/kern/kern_ksyms.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/sys/kern/kern_ksyms.c b/sys/kern/kern_ksyms.c
index 6e6461273170..fa36608a7e14 100644
--- a/sys/kern/kern_ksyms.c
+++ b/sys/kern/kern_ksyms.c
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_ksyms.c,v 1.104 2021/09/11 10:09:55 riastradh Exp $ */
+/* $NetBSD: kern_ksyms.c,v 1.105 2021/09/22 05:42:19 rin Exp $ */
 /*-
 * Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -73,7 +73,7 @@
 */
 #include
-__KERNEL_RCSID(0, "$NetBSD: kern_ksyms.c,v 1.104 2021/09/11 10:09:55 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_ksyms.c,v 1.105 2021/09/22 05:42:19 rin Exp $");
 #if defined(_KERNEL) && defined(_KERNEL_OPT)
 #include "opt_copy_symtab.h"
@@ -1406,6 +1406,7 @@ ksymsmmap(struct file *fp, off_t *offp, size_t nbytes, int prot, int *flagsp,
 return EINVAL; /* XXX ??? */
 /* Success! */
+ uao_reference(ks->ks_uobj);
 *advicep = UVM_ADV_SEQUENTIAL;
 *uobjp = ks->ks_uobj;
 *maxprotp = prot & VM_PROT_READ;
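Review bot: The added `uao_reference(ks->ks_uobj);` in the ksymsmmap hunk has no comment saying who releases the reference, so the ownership rule this fix restores is recorded only in the commit message. I would put `/* Each mapping holds its own reference on ks_uobj; munmap(2) drops it. */` directly above the call. Without that reference the object can be freed while the snapshot still points at it, which is a kernel use-after-free and not just a savecore(8) failure, so the invariant deserves to be stated in the code. The call comes after the last visible `return EINVAL`, so no error exit shown here leaks the reference. The function begins and ends outside the hunk, though, and any failure path after this point would presumably need a matching `uao_detach()`.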