git: 97453e5e7258 - main - Unlock inp when handling TCP_MD5SIG socket options
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 23 Jun 2022 14:58:47 UTC
The branch main has been updated by thj:
URL: https://cgit.FreeBSD.org/src/commit/?id=97453e5e7258158042795740f2736cfca972269d
commit 97453e5e7258158042795740f2736cfca972269d
Author: Claudio Jeker <claudio@openbsd.org>
AuthorDate: 2022-06-23 14:50:47 +0000
Commit: Tom Jones <thj@FreeBSD.org>
CommitDate: 2022-06-23 14:57:56 +0000
Unlock inp when handling TCP_MD5SIG socket options
Unlock the inp when hanlding TCP_MD5SIG socket options. tcp_ipsec_pcbctl
handles locking the inp when the option is being modified.
This was found by Claudio Jeker while working on the OpenBGPd port.
On 14 we get a panic when trying to call getsockopt, on 13.1 the process
locks up using 100% CPU.
Reviewed by: rscheff (transport), tuexen
MFC after: 3 days
Sponsored by: Klara Inc.
Differential Revision: https://reviews.freebsd.org/D35532
---
sys/netinet/tcp_usrreq.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c
index e559d8f1fe76..e05ef963375c 100644
--- a/sys/netinet/tcp_usrreq.c
+++ b/sys/netinet/tcp_usrreq.c
@@ -2206,13 +2206,13 @@ tcp_default_ctloutput(struct inpcb *inp, struct sockopt *sopt)
switch (sopt->sopt_name) {
#if defined(IPSEC_SUPPORT) || defined(TCP_SIGNATURE)
case TCP_MD5SIG:
- if (!TCPMD5_ENABLED()) {
- INP_WUNLOCK(inp);
+ INP_WUNLOCK(inp);
+ if (!TCPMD5_ENABLED())
return (ENOPROTOOPT);
- }
error = TCPMD5_PCBCTL(inp, sopt);
if (error)
return (error);
+ INP_WLOCK_RECHECK(inp);
goto unlock_and_done;
#endif /* IPSEC */
@@ -2584,10 +2584,9 @@ unlock_and_done:
switch (sopt->sopt_name) {
#if defined(IPSEC_SUPPORT) || defined(TCP_SIGNATURE)
case TCP_MD5SIG:
- if (!TCPMD5_ENABLED()) {
- INP_WUNLOCK(inp);
+ INP_WUNLOCK(inp);
+ if (!TCPMD5_ENABLED())
return (ENOPROTOOPT);
- }
error = TCPMD5_PCBCTL(inp, sopt);
break;
#endif