Re: recvmsg() "short receive" after FIONREAD

In reply to: Mark Johnston : "Re: recvmsg() "short receive" after FIONREAD"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Andriy Gapon <avg_at_freebsd.org>
Date: Sun, 12 Sep 2021 09:13:52 UTC

On 11/09/2021 21:40, Mark Johnston wrote:
> On Sat, Sep 11, 2021 at 09:25:42PM +0300, Andriy Gapon wrote:
>> So, this is what I've got:
>> diff --git a/sys/kern/sys_socket.c b/sys/kern/sys_socket.c
>> index e53b0367960b..11ee03703407 100644
>> --- a/sys/kern/sys_socket.c
>> +++ b/sys/kern/sys_socket.c
>> @@ -210,7 +210,12 @@ soo_ioctl(struct file *fp, u_long cmd, void *data, struct
>> ucred *active_cred,
>>    		if (SOLISTENING(so)) {
>>    			error = EINVAL;
>>    		} else {
>> -			*(int *)data = sbavail(&so->so_rcv);
>> +			struct sockbuf *sb;
>> +
>> +			sb = &so->so_rcv;
>> +			SOCKBUF_LOCK(sb);
>> +			*(int *)data = sbavail(sb) - sb->sb_ctl;
>> +			SOCKBUF_UNLOCK(sb);
>>    		}
>>    		break;
> 
> It should use SOCK_RECVBUF_LOCK() (see
> https://cgit.freebsd.org/src/commit/?id=74a68313b503940158a2e8e8f02626d7cdbdaff9
> ):
> 
> 	sb = &so->so_rcv;
> 	SOCK_RECVBUF_LOCK(so);
> 	if (SOLISTENING(so))
> 		error = EINVAL;
> 	else
> 		*(int *)data = sbavail(sb) - sb->sb_ctl;
> 	SOCK_RECVBUF_UNLOCK(so);
> 
> Otherwise a concurrent listen(2) will clobber the pointer used by
> SOCKBUF_LOCK().
> 

Oh, I see now.  I haven't pulled that version yet, so I could not find 
SOCK_RECVBUF_LOCK in my tree :-)

Since you have the change and you did all the thinking work anyway, could you 
please commit it?
Thanks!

-- 
Andriy Gapon