cvs commit: src/sys/kern uipc_socket.c uipc_usrreq.c
src/sys/netatm atm_cm.c atm_socket.c atm_var.h
src/sys/netgraph/bluetooth/socket
ng_btsocket_l2cap.c ng_btsocket_rfcomm.c src/sys/netinet ...
Robert Watson
rwatson at FreeBSD.org
Mon Mar 7 13:08:06 GMT 2005
rwatson 2005-03-07 13:08:05 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_5)
sys/kern uipc_socket.c uipc_usrreq.c
sys/netatm atm_cm.c atm_socket.c atm_var.h
sys/netatm/ipatm ipatm_load.c
sys/netgraph/bluetooth/socket ng_btsocket_l2cap.c
ng_btsocket_rfcomm.c
sys/netinet tcp_usrreq.c
sys/netipx spx_usrreq.c
sys/sys socketvar.h
Log:
Merge uipc_socket.c:1.233, uipc_usrreq.c:1.151, atm_cm.c:1.33,
atm_socket.c:1.23, atm_var.h:1.26, ipatm_load.c:1.l21,
ng_btsocket_l2cap.c:1.16, ng_btsocket_rfcomm.c:1.15, tcp_usrreq.c:1.15,
spx_usrreq.c:1.62, socketvar.h:1.139 from HEAD to RELENG_5:
In the current world order, solisten() implements the state transition of
a socket from a regular socket to a listening socket able to accept new
connections. As part of this state transition, solisten() calls into the
protocol to update protocol-layer state. There were several bugs in this
implementation that could result in a race wherein a TCP SYN received
in the interval between the protocol state transition and the shortly
following socket layer transition would result in a panic in the TCP code,
as the socket would be in the TCPS_LISTEN state, but the socket would not
have the SO_ACCEPTCONN flag set.
This change does the following:
- Pushes the socket state transition from the socket layer solisten() to
to socket "library" routines called from the protocol. This permits
the socket routines to be called while holding the protocol mutexes,
preventing a race exposing the incomplete socket state transition to TCP
after the TCP state transition has completed. The check for a socket
layer state transition is performed by solisten_proto_check(), and the
actual transition is performed by solisten_proto().
- Holds the socket lock for the duration of the socket state test and set,
and over the protocol layer state transition, which is now possible as
the socket lock is acquired by the protocol layer, rather than vice
versa. This prevents additional state related races in the socket
layer.
This permits the dual transition of socket layer and protocol layer state
to occur while holding locks for both layers, making the two changes
atomic with respect to one another. Similar changes are likely require
elsewhere in the socket/protocol code.
Reported by: Peter Holm <peter at holm.cc>
Review and fixes from: emax, Antoine Brodin <antoine.brodin at laposte.net>
Philosophical head nod: gnn
Note that this changes the behavior of the pru_listen() protocol entry point;
all protocols are updated to match the new behavior. We do not know of any
third party protocol implementations that this might cause problems for.
Approved by: re (kensmith)
Revision Changes Path
1.208.2.17 +42 -14 src/sys/kern/uipc_socket.c
1.138.2.13 +14 -9 src/sys/kern/uipc_usrreq.c
1.31.4.2 +13 -1 src/sys/netatm/atm_cm.c
1.20.2.3 +1 -1 src/sys/netatm/atm_socket.c
1.24.4.2 +2 -2 src/sys/netatm/atm_var.h
1.19.4.2 +2 -2 src/sys/netatm/ipatm/ipatm_load.c
1.13.2.3 +21 -6 src/sys/netgraph/bluetooth/socket/ng_btsocket_l2cap.c
1.12.2.3 +25 -19 src/sys/netgraph/bluetooth/socket/ng_btsocket_rfcomm.c
1.107.2.2 +14 -4 src/sys/netinet/tcp_usrreq.c
1.46.2.13 +7 -2 src/sys/netipx/spx_usrreq.c
1.133.2.4 +2 -0 src/sys/sys/socketvar.h
More information about the cvs-src
mailing list