diff options
author | rwatson <rwatson@FreeBSD.org> | 2004-06-12 20:47:32 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2004-06-12 20:47:32 +0000 |
commit | 82295697cd4bae93852c3a10a939f20227018fbd (patch) | |
tree | 2812a78c30b81fab868b44d389f32cc00ebadc47 /sys/netinet | |
parent | f6af690bdeb2e55a1bdabd5af91a8a601955e892 (diff) | |
download | FreeBSD-src-82295697cd4bae93852c3a10a939f20227018fbd.zip FreeBSD-src-82295697cd4bae93852c3a10a939f20227018fbd.tar.gz |
Extend coverage of SOCK_LOCK(so) to include so_count, the socket
reference count:
- Assert SOCK_LOCK(so) macros that directly manipulate so_count:
soref(), sorele().
- Assert SOCK_LOCK(so) in macros/functions that rely on the state of
so_count: sofree(), sotryfree().
- Acquire SOCK_LOCK(so) before calling these functions or macros in
various contexts in the stack, both at the socket and protocol
layers.
- In some cases, perform soisdisconnected() before sotryfree(), as
this could result in frobbing of a non-present socket if
sotryfree() actually frees the socket.
- Note that sofree()/sotryfree() will release the socket lock even if
they don't free the socket.
Submitted by: sam
Sponsored by: FreeBSD Foundation
Obtained from: BSD/OS
Diffstat (limited to 'sys/netinet')
-rw-r--r-- | sys/netinet/in_pcb.c | 1 | ||||
-rw-r--r-- | sys/netinet/tcp_subr.c | 5 | ||||
-rw-r--r-- | sys/netinet/tcp_timewait.c | 5 |
3 files changed, 7 insertions, 4 deletions
diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c index d957307..ad461fd 100644 --- a/sys/netinet/in_pcb.c +++ b/sys/netinet/in_pcb.c @@ -690,6 +690,7 @@ in_pcbdetach(inp) inp->inp_gencnt = ++ipi->ipi_gencnt; in_pcbremlists(inp); if (so) { + SOCK_LOCK(so); so->so_pcb = 0; sotryfree(so); } diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c index 5fca04c..3b478d6 100644 --- a/sys/netinet/tcp_subr.c +++ b/sys/netinet/tcp_subr.c @@ -1657,13 +1657,14 @@ tcp_twstart(tp) } tcp_discardcb(tp); so = inp->inp_socket; + SOCK_LOCK(so); so->so_pcb = NULL; tw->tw_cred = crhold(so->so_cred); tw->tw_so_options = so->so_options; - if (acknow) - tcp_twrespond(tw, TH_ACK); sotryfree(so); inp->inp_socket = NULL; + if (acknow) + tcp_twrespond(tw, TH_ACK); inp->inp_ppcb = (caddr_t)tw; inp->inp_vflag |= INP_TIMEWAIT; tcp_timer_2msl_reset(tw, tw_time); diff --git a/sys/netinet/tcp_timewait.c b/sys/netinet/tcp_timewait.c index 5fca04c..3b478d6 100644 --- a/sys/netinet/tcp_timewait.c +++ b/sys/netinet/tcp_timewait.c @@ -1657,13 +1657,14 @@ tcp_twstart(tp) } tcp_discardcb(tp); so = inp->inp_socket; + SOCK_LOCK(so); so->so_pcb = NULL; tw->tw_cred = crhold(so->so_cred); tw->tw_so_options = so->so_options; - if (acknow) - tcp_twrespond(tw, TH_ACK); sotryfree(so); inp->inp_socket = NULL; + if (acknow) + tcp_twrespond(tw, TH_ACK); inp->inp_ppcb = (caddr_t)tw; inp->inp_vflag |= INP_TIMEWAIT; tcp_timer_2msl_reset(tw, tw_time); |