DragonFlyBSD Kernel Audit
DF-0590 / run.sh
← back to finding ↓ download raw
#!/bin/sh
# DF-0590 run script
# Must be root (ng_socket control socket is gated by caps_priv_check
# SYSCAP_RESTRICTEDROOT at sys/netgraph/socket/ng_socket.c:172).
#
# Expected outcome on this kernel: flood completes (~1-3M frames),
# NO panic, guest stays up. The race is code-confirmed real but cannot
# fire from this vector because ng_socket sends serialize on CPU 0's
# netisr port (sys/kern/uipc_socket.c:259). See VERDICT.md.
set -e
cd "$(dirname "$0")"
if [ "$(id -u)" != "0" ]; then
    echo "must be root (ng_socket requires SYSCAP_RESTRICTEDROOT)" >&2
    exit 2
fi
echo "+ ./race 20 2"
./race 20 2
echo "RUN_OK (no panic expected; see VERDICT.md for why)"