From 002c06d21092890648c0a6405aef6c515a1e4ce6 Mon Sep 17 00:00:00 2001
From: avg <avg@FreeBSD.org>
Date: Fri, 22 Jun 2018 09:18:38 +0000
Subject: [PATCH] MFC r332816: call racct_proc_ucred_changed() under the proc
 lock

---
 sys/kern/kern_jail.c       | 12 ++++++++++--
 sys/kern/kern_loginclass.c |  8 +++++++-
 sys/kern/kern_prot.c       | 22 +++++++++++++++++++---
 sys/kern/kern_racct.c      |  6 +-----
 sys/kern/kern_rctl.c       |  7 +++++--
 5 files changed, 42 insertions(+), 13 deletions(-)

diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c
index 1197a7519ed..35dc232c106 100644
--- a/sys/kern/kern_jail.c
+++ b/sys/kern/kern_jail.c
@@ -50,6 +50,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/lock.h>
 #include <sys/mutex.h>
 #include <sys/racct.h>
+#include <sys/rctl.h>
 #include <sys/refcount.h>
 #include <sys/sx.h>
 #include <sys/sysent.h>
@@ -2409,9 +2410,14 @@ do_jail_attach(struct thread *td, struct prison *pr)
 	newcred->cr_prison = pr;
 	proc_set_cred(p, newcred);
 	setsugid(p);
-	PROC_UNLOCK(p);
 #ifdef RACCT
 	racct_proc_ucred_changed(p, oldcred, newcred);
+	crhold(newcred);
+#endif
+	PROC_UNLOCK(p);
+#ifdef RCTL
+	rctl_proc_ucred_changed(p, newcred);
+	crfree(newcred);
 #endif
 	prison_deref(oldcred->cr_prison, PD_DEREF | PD_DEUREF);
 	crfree(oldcred);
@@ -3959,6 +3965,7 @@ prison_racct_modify(struct prison *pr)
 	 */
 	racct_move(pr->pr_prison_racct->prr_racct, oldprr->prr_racct);
 
+#ifdef RCTL
 	/*
 	 * Force rctl to reattach rules to processes.
 	 */
@@ -3966,9 +3973,10 @@ prison_racct_modify(struct prison *pr)
 		PROC_LOCK(p);
 		cred = crhold(p->p_ucred);
 		PROC_UNLOCK(p);
-		racct_proc_ucred_changed(p, cred, cred);
+		rctl_proc_ucred_changed(p, cred);
 		crfree(cred);
 	}
+#endif
 
 	sx_sunlock(&allproc_lock);
 	prison_racct_free_locked(oldprr);
diff --git a/sys/kern/kern_loginclass.c b/sys/kern/kern_loginclass.c
index 07ef910a551..82b9cbdd131 100644
--- a/sys/kern/kern_loginclass.c
+++ b/sys/kern/kern_loginclass.c
@@ -56,6 +56,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/proc.h>
 #include <sys/queue.h>
 #include <sys/racct.h>
+#include <sys/rctl.h>
 #include <sys/refcount.h>
 #include <sys/rwlock.h>
 #include <sys/sysproto.h>
@@ -222,9 +223,14 @@ sys_setloginclass(struct thread *td, struct setloginclass_args *uap)
 	oldcred = crcopysafe(p, newcred);
 	newcred->cr_loginclass = newlc;
 	proc_set_cred(p, newcred);
-	PROC_UNLOCK(p);
 #ifdef RACCT
 	racct_proc_ucred_changed(p, oldcred, newcred);
+	crhold(newcred);
+#endif
+	PROC_UNLOCK(p);
+#ifdef RCTL
+	rctl_proc_ucred_changed(p, newcred);
+	crfree(newcred);
 #endif
 	loginclass_free(oldcred->cr_loginclass);
 	crfree(oldcred);
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index 9e210d3d959..4c5dfd5cfb1 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -65,6 +65,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/jail.h>
 #include <sys/pioctl.h>
 #include <sys/racct.h>
+#include <sys/rctl.h>
 #include <sys/resourcevar.h>
 #include <sys/socket.h>
 #include <sys/socketvar.h>
@@ -579,9 +580,14 @@ sys_setuid(struct thread *td, struct setuid_args *uap)
 		setsugid(p);
 	}
 	proc_set_cred(p, newcred);
-	PROC_UNLOCK(p);
 #ifdef RACCT
 	racct_proc_ucred_changed(p, oldcred, newcred);
+	crhold(newcred);
+#endif
+	PROC_UNLOCK(p);
+#ifdef RCTL
+	rctl_proc_ucred_changed(p, newcred);
+	crfree(newcred);
 #endif
 	uifree(uip);
 	crfree(oldcred);
@@ -927,9 +933,14 @@ sys_setreuid(struct thread *td, struct setreuid_args *uap)
 		setsugid(p);
 	}
 	proc_set_cred(p, newcred);
-	PROC_UNLOCK(p);
 #ifdef RACCT
 	racct_proc_ucred_changed(p, oldcred, newcred);
+	crhold(newcred);
+#endif
+	PROC_UNLOCK(p);
+#ifdef RCTL
+	rctl_proc_ucred_changed(p, newcred);
+	crfree(newcred);
 #endif
 	uifree(ruip);
 	uifree(euip);
@@ -1068,9 +1079,14 @@ sys_setresuid(struct thread *td, struct setresuid_args *uap)
 		setsugid(p);
 	}
 	proc_set_cred(p, newcred);
-	PROC_UNLOCK(p);
 #ifdef RACCT
 	racct_proc_ucred_changed(p, oldcred, newcred);
+	crhold(newcred);
+#endif
+	PROC_UNLOCK(p);
+#ifdef RCTL
+	rctl_proc_ucred_changed(p, newcred);
+	crfree(newcred);
 #endif
 	uifree(ruip);
 	uifree(euip);
diff --git a/sys/kern/kern_racct.c b/sys/kern/kern_racct.c
index 2a22af1f2fe..07f0757c22a 100644
--- a/sys/kern/kern_racct.c
+++ b/sys/kern/kern_racct.c
@@ -1048,7 +1048,7 @@ racct_proc_ucred_changed(struct proc *p, struct ucred *oldcred,
 	if (!racct_enable)
 		return;
 
-	PROC_LOCK_ASSERT(p, MA_NOTOWNED);
+	PROC_LOCK_ASSERT(p, MA_OWNED);
 
 	newuip = newcred->cr_ruidinfo;
 	olduip = oldcred->cr_ruidinfo;
@@ -1075,10 +1075,6 @@ racct_proc_ucred_changed(struct proc *p, struct ucred *oldcred,
 			    p->p_racct);
 	}
 	RACCT_UNLOCK();
-
-#ifdef RCTL
-	rctl_proc_ucred_changed(p, newcred);
-#endif
 }
 
 void
diff --git a/sys/kern/kern_rctl.c b/sys/kern/kern_rctl.c
index e4a6b9753e4..7932ea102a3 100644
--- a/sys/kern/kern_rctl.c
+++ b/sys/kern/kern_rctl.c
@@ -1954,12 +1954,15 @@ rctl_proc_ucred_changed(struct proc *p, struct ucred *newcred)
 	struct prison_racct *newprr;
 	int rulecnt, i;
 
-	ASSERT_RACCT_ENABLED();
+	if (!racct_enable)
+		return;
+
+	PROC_LOCK_ASSERT(p, MA_NOTOWNED);
 
 	newuip = newcred->cr_ruidinfo;
 	newlc = newcred->cr_loginclass;
 	newprr = newcred->cr_prison->pr_prison_racct;
-	
+
 	LIST_INIT(&newrules);
 
 again:
-- 
2.45.2