mirror of https://git.FreeBSD.org/src.git synced 2024-12-29 12:03:03 +00:00
freebsd/sys/kern
Robert Watson 81158452be Push acquisition of the accept mutex out of sofree() into the caller
(sorele()/sotryfree()):

- This permits the caller to acquire the accept mutex before the socket
  mutex, avoiding sofree() having to drop the socket mutex and re-order,
  which could lead to races permitting more than one thread to enter
  sofree() after a socket is ready to be free'd.

- This also covers clearing of the so_pcb weak socket reference from
  the protocol to the socket, preventing races in clearing and
  evaluation of the reference such that sofree() might be called more
  than once on the same socket.

This appears to close a race I was able to easily trigger by repeatedly
opening and resetting TCP connections to a host, in which the
tcp_close() code called as a result of the RST raced with the close()
of the accepted socket in the user process resulting in simultaneous
attempts to de-allocate the same socket.  The new locking increases
the overhead for operations that may potentially free the socket, so we
will want to revise the synchronization strategy here as we normalize
the reference counting model for sockets.  The use of the accept mutex
in freeing of sockets that are not listen sockets is primarily
motivated by the potential need to remove the socket from the
incomplete connection queue on its parent (listen) socket, so cleaning
up the reference model here may allow us to substantially weaken the
synchronization requirements.

RELENG_5_3 candidate.

MFC after:	3 days
Reviewed by:	dwhite
Discussed with:	gnn, dwhite, green
Reported by:	Marc UBM Bocklet <ubm at u-boot-man dot de>
Reported by:	Vlad <marchenko at gmail dot com>
2004-10-18 22:19:43 +00:00
bus_if.m Minor formatting fixes for lines > 80 characters 2004-08-12 17:26:22 +00:00
clock_if.m
device_if.m Minor formatting fixes for lines > 80 characters 2004-08-12 17:26:22 +00:00
genassym.sh
imgact_aout.c Change the types of vn_rdwr_inchunks()'s len and aresid arguments to 2004-06-05 02:18:28 +00:00
imgact_elf32.c
imgact_elf64.c
imgact_elf.c On arm, set the default elf brand to FreeBSD, until the binutils do it for us. 2004-09-23 23:29:24 +00:00
imgact_gzip.c
imgact_shell.c
inflate.c
init_main.c Rework how we store process times in the kernel such that we always store 2004-10-05 18:51:11 +00:00
init_sysent.c Regen to unbreak world. 2004-10-07 01:09:46 +00:00
kern_acct.c Rework how we store process times in the kernel such that we always store 2004-10-05 18:51:11 +00:00
kern_acl.c Rename suser_cred()'s PRISON_ROOT flag to SUSER_ALLOWJAIL. This is 2004-07-26 07:24:04 +00:00
kern_alq.c
kern_clock.c Rework how we store process times in the kernel such that we always store 2004-10-05 18:51:11 +00:00
kern_condvar.c Refine the turnstile and sleep queue interfaces just a bit: 2004-10-12 18:36:20 +00:00
kern_conf.c Fix a LOR relating to freeing cdevs. 2004-10-01 06:33:39 +00:00
kern_context.c
kern_descrip.c Push acquisition of the accept mutex out of sofree() into the caller 2004-10-18 22:19:43 +00:00
kern_environment.c If the buffer supplied to kenv(KENV_DUMP, ...) isn't big enough, 2004-04-28 01:27:33 +00:00
kern_event.c /me gets the wrong patch out of the pr :( 2004-10-14 03:26:50 +00:00
kern_exec.c Put on my peril sensitive sunglasses and add a flags field to the internal 2004-10-11 22:04:16 +00:00
kern_exit.c Rework how we store process times in the kernel such that we always store 2004-10-05 18:51:11 +00:00
kern_fork.c Back out rev 1.240; it is unnecessary. In particular, 2004-10-06 23:53:49 +00:00
kern_idle.c Give the 4bsd scheduler the ability to wake up idle processors 2004-09-01 06:42:02 +00:00
kern_intr.c Refactor a bunch of scheduler code to give basically the same behaviour 2004-09-05 02:09:54 +00:00
kern_jail.c Add two missing includes and remove two unneeded. 2004-06-27 09:03:22 +00:00
kern_kse.c Add an execve command for kse_thr_interrupt to allow libpthread to 2004-10-07 13:50:10 +00:00
kern_kthread.c Give setrunqueue() and sched_add() more of a clue as to 2004-09-01 02:11:28 +00:00
kern_ktr.c Remove unused macro. 2004-09-20 19:01:44 +00:00
kern_ktrace.c Rename suser_cred()'s PRISON_ROOT flag to SUSER_ALLOWJAIL. This is 2004-07-26 07:24:04 +00:00
kern_linker.c When trying each linker class in turn with a preloaded module, exit 2004-08-27 01:20:26 +00:00
kern_lock.c Reintroduce slightly modified patch from kern/69964. Check for 2004-08-27 01:41:28 +00:00
kern_lockf.c Remove advertising clause from University of California Regent's license, 2004-04-05 21:03:37 +00:00
kern_mac.c Do a pass over all modules in the kernel and make them return EOPNOTSUPP 2004-07-15 08:26:07 +00:00
kern_malloc.c Turn VM_KMEM_SIZE_MAX and VM_KMEM_SIZE_SCALE into tunables. 2004-09-29 14:21:40 +00:00
kern_mbuf.c CTASSERT that MSZIE is a power of 2 (otherwise dtom() breaks) 2004-09-20 08:52:04 +00:00
kern_mib.c Remove advertising clause from University of California Regent's license, 2004-04-05 21:03:37 +00:00
kern_module.c Don't bother calling the module event handlers from module_shutdown() 2004-08-20 21:47:48 +00:00
kern_mtxpool.c
kern_mutex.c Refine the turnstile and sleep queue interfaces just a bit: 2004-10-12 18:36:20 +00:00
kern_ntptime.c
kern_physio.c Eliminate DEV_STRATEGY() macro: call dev_strategy() directly. 2004-09-23 14:45:04 +00:00
kern_poll.c Add a NULL param to an mi_switch() that I missed. 2004-07-03 02:38:03 +00:00
kern_proc.c Remove duplicate line. 2004-10-10 05:07:43 +00:00
kern_prot.c Remove sched_free_thread() which was only used 2004-08-31 06:12:13 +00:00
kern_resource.c Rework how we store process times in the kernel such that we always store 2004-10-05 18:51:11 +00:00
kern_sema.c Change the return value of sema_timedwait() so it returns 0 on 2004-06-14 18:19:05 +00:00
kern_shutdown.c Change the perfectly precise message 2004-10-04 13:13:23 +00:00
kern_sig.c Use scheduler api to adjust thread priority. 2004-10-05 09:10:30 +00:00
kern_subr.c Add a WITNESS_WARN() to uiomove() to whine if locks are held when this 2004-10-12 18:27:14 +00:00
kern_switch.c If a process needs to be swapped in, wakeup the swapper from within 2004-10-16 06:38:22 +00:00
kern_sx.c
kern_synch.c If a process needs to be swapped in, wakeup the swapper from within 2004-10-16 06:38:22 +00:00
kern_syscalls.c Do a pass over all modules in the kernel and make them return EOPNOTSUPP 2004-07-15 08:26:07 +00:00
kern_sysctl.c Add missing zero flag arguments to calls to userland_sysctl() 2004-10-12 07:49:15 +00:00
kern_tc.c Put on my peril sensitive sunglasses and add a flags field to the internal 2004-10-11 22:04:16 +00:00
kern_thr.c Close a race between a thread exiting and the freeing of its stack. 2004-10-06 14:23:00 +00:00
kern_thread.c Whitespace fix. 2004-10-12 19:36:00 +00:00
kern_time.c Rework how we store process times in the kernel such that we always store 2004-10-05 18:51:11 +00:00
kern_timeout.c Cut a KTR record whenever a callout is invoked. Mark whether it runs 2004-08-06 21:49:00 +00:00
kern_umtx.c writers must hold both sched_lock and the process lock; therefore, readers 2004-07-12 15:28:31 +00:00
kern_uuid.c
kern_xxx.c Add missing zero flag arguments to calls to userland_sysctl() 2004-10-12 07:49:15 +00:00
ksched.c
link_elf_obj.c Add support for completing the installation of ELF relocatable 2004-08-29 01:21:51 +00:00
link_elf.c Normalize the VM wiring done with SPARSE_MAPPING: check for errors, and 2004-08-09 18:46:13 +00:00
linker_if.m
Make.tags.inc
Makefile
makesyscalls.sh
md4c.c
md5c.c
p1003_1b.c
posix4_mib.c
sched_4bsd.c When preempting a thread, put it back on the HEAD of its run queue. 2004-10-05 22:03:10 +00:00
sched_ule.c Fix whitespace botch that only showed up in the commit message diff :-/ 2004-10-05 22:14:02 +00:00
subr_acl_posix1e.c Rename suser_cred()'s PRISON_ROOT flag to SUSER_ALLOWJAIL. This is 2004-07-26 07:24:04 +00:00
subr_autoconf.c Remove advertising clause from University of California Regent's license, 2004-04-05 21:03:37 +00:00
subr_blist.c Move the definitions of SWAPBLK_NONE and SWAPBLK_MASK from vm_page.h to 2004-06-04 04:03:26 +00:00
subr_bus.c Update flags patch for the !ISA case. 2004-10-14 17:14:56 +00:00
subr_clist.c Preparation commit for the tty cleanups that will follow in the near 2004-07-15 20:47:41 +00:00
subr_clock.c Remove advertising clause from University of California Regent's license, 2004-04-05 21:03:37 +00:00
subr_devstat.c Do the dreaded s/dev_t/struct cdev */ 2004-06-16 09:47:26 +00:00
subr_disk.c Add bioq_takefirst(). 2004-08-19 19:51:51 +00:00
subr_eventhandler.c
subr_hints.c
subr_kdb.c Fix a bug introduced in the previous commit: kdb_cpu_trap() gets to 2004-09-26 06:48:59 +00:00
subr_kobj.c
subr_log.c Do the dreaded s/dev_t/struct cdev */ 2004-06-16 09:47:26 +00:00
subr_mbpool.c
subr_mchain.c Remove advertising clause from University of California Regent's license, 2004-04-05 21:03:37 +00:00
subr_module.c
subr_msgbuf.c
subr_param.c Remove advertising clause from University of California Regent's license, 2004-04-05 21:03:37 +00:00
subr_pcpu.c
subr_power.c
subr_prf.c Update for the KDB framework: 2004-07-10 21:43:23 +00:00
subr_prof.c - Move TDF_OWEPREEMPT, TDF_OWEUPC, and TDF_USTATCLOCK over to td_pflags 2004-07-16 21:04:55 +00:00
subr_rman.c Add a newline. 2004-08-19 20:16:09 +00:00
subr_rtc.c Remove advertising clause from University of California Regent's license, 2004-04-05 21:03:37 +00:00
subr_sbuf.c Cosmetic adjustment to previous commit: name the second argument to 2004-07-09 11:37:44 +00:00
subr_scanf.c Remove advertising clause from University of California Regent's license, 2004-04-05 21:03:37 +00:00
subr_sleepqueue.c Refine the turnstile and sleep queue interfaces just a bit: 2004-10-12 18:36:20 +00:00
subr_smp.c Move 4bsd specific experimental IP code into the 4bsd file. 2004-09-03 07:42:31 +00:00
subr_taskqueue.c Add taskqueue_drain. This waits for the specified task to finish, if 2004-10-05 04:16:01 +00:00
subr_trap.c Rework how we store process times in the kernel such that we always store 2004-10-05 18:51:11 +00:00
subr_turnstile.c Refine the turnstile and sleep queue interfaces just a bit: 2004-10-12 18:36:20 +00:00
subr_unit.c Fix a typo to fix the !DIAGNOSTIC build. 2004-09-30 18:13:18 +00:00
subr_witness.c Add entropy harvest mutex to hard-coded spin lock witness lock order, 2004-10-11 08:26:18 +00:00
sys_generic.c Poll() uses the array smallbits that is big enough to hold 32 struct 2004-08-27 21:23:50 +00:00
sys_pipe.c Major enhancements to pipe memory usage: 2004-08-16 01:27:24 +00:00
sys_process.c Add pl_flags to ptrace_lwpinfo, two flags PL_FLAG_SA and PL_FLAG_BOUND 2004-08-08 22:26:11 +00:00
sys_socket.c Push Giant acquisition down into fo_stat() from most callers. Acquire 2004-07-22 20:40:23 +00:00
syscalls.c Give kldunload a -f(orce) argument. 2004-07-13 19:36:59 +00:00
syscalls.master Regen to unbreak world. 2004-10-07 01:09:46 +00:00
sysv_ipc.c
sysv_msg.c Add missing #include <sys/module.h> 2004-05-30 20:34:58 +00:00
sysv_sem.c Add missing #include <sys/module.h> 2004-05-30 20:34:58 +00:00
sysv_shm.c Push Giant deep into vm_forkproc(), acquiring it only if the process has 2004-09-03 05:11:32 +00:00
tty_compat.c Put the pre FreeBSD-2.x tty compat code under BURN_BRIDGES. 2004-06-21 22:57:16 +00:00
tty_conf.c Preparation commit for the tty cleanups that will follow in the near 2004-07-15 20:47:41 +00:00
tty_cons.c Hold threadcount reference when we call into the underlying console 2004-09-24 07:16:56 +00:00
tty_pty.c Add new function ttyinitmode() which sets our systemwide default 2004-10-18 21:51:27 +00:00
tty_subr.c Preparation commit for the tty cleanups that will follow in the near 2004-07-15 20:47:41 +00:00
tty_tty.c Second half of the dev_t cleanup. 2004-06-17 17:16:53 +00:00
tty.c Add new function ttyinitmode() which sets our systemwide default 2004-10-18 21:51:27 +00:00
uipc_accf.c Add a global mutex, accept_filter_mtx, to protect the global list of 2004-06-01 04:08:48 +00:00
uipc_cow.c In some cases, sf_buf_alloc() should sleep with pri PCATCH; in others, it 2004-04-03 09:16:27 +00:00
uipc_domain.c Remove advertising clause from University of California Regent's license, 2004-04-05 21:03:37 +00:00
uipc_jumbo.c Use kmem_alloc_nofault() rather than kmem_alloc_pageable() for allocating 2004-07-23 19:36:18 +00:00
uipc_mbuf2.c Rename _m_tag_free() to m_tag_free_default() and make it non-static. 2004-10-11 18:40:19 +00:00
uipc_mbuf.c improve the mbuf m_print function.. Only pull length from pkthdr if there 2004-09-28 18:40:18 +00:00
uipc_proto.c Remove advertising clause from University of California Regent's license, 2004-04-05 21:03:37 +00:00
uipc_sem.c Add missing #include <sys/module.h> 2004-05-30 20:34:58 +00:00
uipc_sockbuf.c Add locking to the kqueue subsystem. This also makes the kqueue subsystem 2004-08-15 06:24:42 +00:00
uipc_socket2.c Add locking to the kqueue subsystem. This also makes the kqueue subsystem 2004-08-15 06:24:42 +00:00
uipc_socket.c Push acquisition of the accept mutex out of sofree() into the caller 2004-10-18 22:19:43 +00:00
uipc_syscalls.c Add a SOCKBUF_LOCK() to a rarely executed path in do_sendfile(). 2004-10-02 05:37:47 +00:00
uipc_usrreq.c Push acquisition of the accept mutex out of sofree() into the caller 2004-10-18 22:19:43 +00:00
vfs_acl.c Rename suser_cred()'s PRISON_ROOT flag to SUSER_ALLOWJAIL. This is 2004-07-26 07:24:04 +00:00
vfs_aio.c cover soreadable and sowriteable with the corresponding socketbuffer locks. 2004-10-01 05:54:06 +00:00
vfs_bio.c use dev_re[fl]thread() rather than home rolled versions. 2004-09-24 05:55:03 +00:00
vfs_cache.c Remove advertising clause from University of California Regent's license, 2004-04-05 21:03:37 +00:00
vfs_cluster.c Give cluster_write() an explicit vnode argument. 2004-09-27 19:14:10 +00:00
vfs_default.c Use vn_isdisk() to check if vnode is a disk. 2004-09-24 06:23:31 +00:00
vfs_export.c Make VFS_ROOT() and vflush() take a thread argument. 2004-07-12 08:14:09 +00:00
vfs_extattr.c Rename suser_cred()'s PRISON_ROOT flag to SUSER_ALLOWJAIL. This is 2004-07-26 07:24:04 +00:00
vfs_init.c Simplify initialization of va_null a little bit. 2004-09-15 21:42:03 +00:00
vfs_lookup.c Assert Giant in namei(). Bugs have been reported in which, following 2004-08-04 18:39:07 +00:00
vfs_mount.c Back out changes which were introduced to delay mounting root file system. 2004-10-05 11:26:43 +00:00
vfs_subr.c vtryrecycle: Don't rely on type VBAD alone to mean that we don't need 2004-10-06 02:09:59 +00:00
vfs_syscalls.c Rename suser_cred()'s PRISON_ROOT flag to SUSER_ALLOWJAIL. This is 2004-07-26 07:24:04 +00:00
vfs_vnops.c Hold dev_lock and check for NULL devsw pointer when we service FIODTYPE ioctl. 2004-09-24 06:16:48 +00:00
vnode_if.src Remove the buffercache/vnode side of BIO_DELETE processing in 2004-09-13 06:50:42 +00:00