git: fc4365853f1c - main - socket: Fix handling of listening sockets in sotoxsocket()
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 12 Aug 2024 23:05:32 UTC
The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=fc4365853f1c4b572d9fd643ea336508d9a6a0f7 commit fc4365853f1c4b572d9fd643ea336508d9a6a0f7 Author: Mark Johnston <markj@FreeBSD.org> AuthorDate: 2024-07-09 20:28:12 +0000 Commit: Mark Johnston <markj@FreeBSD.org> CommitDate: 2024-08-12 22:53:26 +0000 socket: Fix handling of listening sockets in sotoxsocket() A lock needs to be held to ensure that the socket does not become a listening socket while sotoxsocket() is loading fields from the socket buffers, as the memory backing the socket buffers is repurposed when transitioning to a listening socket. MFC after: 1 week Sponsored by: Klara, Inc. Sponsored by: Stormshield --- sys/kern/uipc_socket.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c index 0350a5eb4d87..9a44c1d557f0 100644 --- a/sys/kern/uipc_socket.c +++ b/sys/kern/uipc_socket.c @@ -4277,6 +4277,7 @@ sotoxsocket(struct socket *so, struct xsocket *xso) xso->so_error = so->so_error; xso->so_uid = so->so_cred->cr_uid; xso->so_pgid = so->so_sigio ? so->so_sigio->sio_pgid : 0; + SOCK_LOCK(so); if (SOLISTENING(so)) { xso->so_qlen = so->sol_qlen; xso->so_incqlen = so->sol_incqlen; @@ -4289,6 +4290,7 @@ sotoxsocket(struct socket *so, struct xsocket *xso) sbtoxsockbuf(&so->so_snd, &xso->so_snd); sbtoxsockbuf(&so->so_rcv, &xso->so_rcv); } + SOCK_UNLOCK(so); } int