summaryrefslogtreecommitdiffstats
path: root/sys/kern
diff options
context:
space:
mode:
authorjhb <jhb@FreeBSD.org>2009-06-01 21:17:03 +0000
committerjhb <jhb@FreeBSD.org>2009-06-01 21:17:03 +0000
commita1af9ecca44f362b24fe3a8342ca6ed8676a399c (patch)
tree13628b6be10af95db7dc7d8ef88b3291d48583ab /sys/kern
parent9956d85f164d16d3c1db67cc01f521c1c09d5fdb (diff)
downloadFreeBSD-src-a1af9ecca44f362b24fe3a8342ca6ed8676a399c.zip
FreeBSD-src-a1af9ecca44f362b24fe3a8342ca6ed8676a399c.tar.gz
Rework socket upcalls to close some races with setup/teardown of upcalls.
- Each socket upcall is now invoked with the appropriate socket buffer locked. It is not permissible to call soisconnected() with this lock held; however, so socket upcalls now return an integer value. The two possible values are SU_OK and SU_ISCONNECTED. If an upcall returns SU_ISCONNECTED, then the soisconnected() will be invoked on the socket after the socket buffer lock is dropped. - A new API is provided for setting and clearing socket upcalls. The API consists of soupcall_set() and soupcall_clear(). - To simplify locking, each socket buffer now has a separate upcall. - When a socket upcall returns SU_ISCONNECTED, the upcall is cleared from the receive socket buffer automatically. Note that a SO_SND upcall should never return SU_ISCONNECTED. - All this means that accept filters should now return SU_ISCONNECTED instead of calling soisconnected() directly. They also no longer need to explicitly clear the upcall on the new socket. - The HTTP accept filter still uses soupcall_set() to manage its internal state machine, but other accept filters no longer have any explicit knowlege of socket upcall internals aside from their return value. - The various RPC client upcalls currently drop the socket buffer lock while invoking soreceive() as a temporary band-aid. The plan for the future is to add a new flag to allow soreceive() to be called with the socket buffer locked. - The AIO callback for socket I/O is now also invoked with the socket buffer locked. Previously sowakeup() would drop the socket buffer lock only to call aio_swake() which immediately re-acquired the socket buffer lock for the duration of the function call. Discussed with: rwatson, rmacklem
Diffstat (limited to 'sys/kern')
-rw-r--r--sys/kern/uipc_sockbuf.c18
-rw-r--r--sys/kern/uipc_socket.c69
-rw-r--r--sys/kern/vfs_aio.c3
3 files changed, 78 insertions, 12 deletions
diff --git a/sys/kern/uipc_sockbuf.c b/sys/kern/uipc_sockbuf.c
index 8c0a618..2d86d74 100644
--- a/sys/kern/uipc_sockbuf.c
+++ b/sys/kern/uipc_sockbuf.c
@@ -175,6 +175,7 @@ sbunlock(struct sockbuf *sb)
void
sowakeup(struct socket *so, struct sockbuf *sb)
{
+ int ret;
SOCKBUF_LOCK_ASSERT(sb);
@@ -186,13 +187,22 @@ sowakeup(struct socket *so, struct sockbuf *sb)
wakeup(&sb->sb_cc);
}
KNOTE_LOCKED(&sb->sb_sel.si_note, 0);
+ if (sb->sb_upcall != NULL) {
+ ret = sb->sb_upcall(so, sb->sb_upcallarg, M_DONTWAIT);
+ if (ret == SU_ISCONNECTED) {
+ KASSERT(sb == &so->so_rcv,
+ ("SO_SND upcall returned SU_ISCONNECTED"));
+ soupcall_clear(so, SO_RCV);
+ }
+ } else
+ ret = SU_OK;
+ if (sb->sb_flags & SB_AIO)
+ aio_swake(so, sb);
SOCKBUF_UNLOCK(sb);
+ if (ret == SU_ISCONNECTED)
+ soisconnected(so);
if ((so->so_state & SS_ASYNC) && so->so_sigio != NULL)
pgsigio(&so->so_sigio, SIGIO, 0);
- if (sb->sb_flags & SB_UPCALL)
- (*so->so_upcall)(so, so->so_upcallarg, M_DONTWAIT);
- if (sb->sb_flags & SB_AIO)
- aio_swake(so, sb);
mtx_assert(SOCKBUF_MTX(sb), MA_NOTOWNED);
}
diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c
index 0992b3f..80f9a55 100644
--- a/sys/kern/uipc_socket.c
+++ b/sys/kern/uipc_socket.c
@@ -3054,8 +3054,10 @@ soisconnecting(struct socket *so)
void
soisconnected(struct socket *so)
{
- struct socket *head;
+ struct socket *head;
+ int ret;
+restart:
ACCEPT_LOCK();
SOCK_LOCK(so);
so->so_state &= ~(SS_ISCONNECTING|SS_ISDISCONNECTING|SS_ISCONFIRMING);
@@ -3075,13 +3077,17 @@ soisconnected(struct socket *so)
wakeup_one(&head->so_timeo);
} else {
ACCEPT_UNLOCK();
- so->so_upcall =
- head->so_accf->so_accept_filter->accf_callback;
- so->so_upcallarg = head->so_accf->so_accept_filter_arg;
- so->so_rcv.sb_flags |= SB_UPCALL;
+ soupcall_set(so, SO_RCV,
+ head->so_accf->so_accept_filter->accf_callback,
+ head->so_accf->so_accept_filter_arg);
so->so_options &= ~SO_ACCEPTFILTER;
+ ret = head->so_accf->so_accept_filter->accf_callback(so,
+ head->so_accf->so_accept_filter_arg, M_DONTWAIT);
+ if (ret == SU_ISCONNECTED)
+ soupcall_clear(so, SO_RCV);
SOCK_UNLOCK(so);
- so->so_upcall(so, so->so_upcallarg, M_DONTWAIT);
+ if (ret == SU_ISCONNECTED)
+ goto restart;
}
return;
}
@@ -3146,6 +3152,57 @@ sodupsockaddr(const struct sockaddr *sa, int mflags)
}
/*
+ * Register per-socket buffer upcalls.
+ */
+void
+soupcall_set(struct socket *so, int which,
+ int (*func)(struct socket *, void *, int), void *arg)
+{
+ struct sockbuf *sb;
+
+ switch (which) {
+ case SO_RCV:
+ sb = &so->so_rcv;
+ break;
+ case SO_SND:
+ sb = &so->so_snd;
+ break;
+ default:
+ panic("soupcall_set: bad which");
+ }
+ SOCKBUF_LOCK_ASSERT(sb);
+#if 0
+ /* XXX: accf_http actually wants to do this on purpose. */
+ KASSERT(sb->sb_upcall == NULL, ("soupcall_set: overwriting upcall"));
+#endif
+ sb->sb_upcall = func;
+ sb->sb_upcallarg = arg;
+ sb->sb_flags |= SB_UPCALL;
+}
+
+void
+soupcall_clear(struct socket *so, int which)
+{
+ struct sockbuf *sb;
+
+ switch (which) {
+ case SO_RCV:
+ sb = &so->so_rcv;
+ break;
+ case SO_SND:
+ sb = &so->so_snd;
+ break;
+ default:
+ panic("soupcall_clear: bad which");
+ }
+ SOCKBUF_LOCK_ASSERT(sb);
+ KASSERT(sb->sb_upcall != NULL, ("soupcall_clear: no upcall to clear"));
+ sb->sb_upcall = NULL;
+ sb->sb_upcallarg = NULL;
+ sb->sb_flags &= ~SB_UPCALL;
+}
+
+/*
* Create an external-format (``xsocket'') structure using the information in
* the kernel-format socket structure pointed to by so. This is done to
* reduce the spew of irrelevant information over this interface, to isolate
diff --git a/sys/kern/vfs_aio.c b/sys/kern/vfs_aio.c
index 7cd077b..f22dea7 100644
--- a/sys/kern/vfs_aio.c
+++ b/sys/kern/vfs_aio.c
@@ -1313,12 +1313,12 @@ aio_swake_cb(struct socket *so, struct sockbuf *sb)
struct aiocblist *cb, *cbn;
int opcode;
+ SOCKBUF_LOCK_ASSERT(sb);
if (sb == &so->so_snd)
opcode = LIO_WRITE;
else
opcode = LIO_READ;
- SOCKBUF_LOCK(sb);
sb->sb_flags &= ~SB_AIO;
mtx_lock(&aio_job_mtx);
TAILQ_FOREACH_SAFE(cb, &so->so_aiojobq, list, cbn) {
@@ -1336,7 +1336,6 @@ aio_swake_cb(struct socket *so, struct sockbuf *sb)
}
}
mtx_unlock(&aio_job_mtx);
- SOCKBUF_UNLOCK(sb);
}
static int
OpenPOWER on IntegriCloud