svn commit: r302151 - head/sys/kern
Jilles Tjoelker
jilles at FreeBSD.org
Thu Jun 23 20:59:14 UTC 2016
Author: jilles
Date: Thu Jun 23 20:59:13 2016
New Revision: 302151
URL: https://svnweb.freebsd.org/changeset/base/302151
Log:
posixshm: Fix lock leak when mac_posixshm_check_read rejects read.
While reading the code, I noticed that shm_read() returns without unlocking
foffset and rangelock if mac_posixshm_check_read() rejects the read.
Reviewed by: kib, jhb, rwatson
Approved by: re (gjb)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D6927
Modified:
head/sys/kern/uipc_shm.c
Modified: head/sys/kern/uipc_shm.c
==============================================================================
--- head/sys/kern/uipc_shm.c Thu Jun 23 20:05:59 2016 (r302150)
+++ head/sys/kern/uipc_shm.c Thu Jun 23 20:59:13 2016 (r302151)
@@ -295,14 +295,14 @@ shm_read(struct file *fp, struct uio *ui
int error;
shmfd = fp->f_data;
- foffset_lock_uio(fp, uio, flags);
- rl_cookie = rangelock_rlock(&shmfd->shm_rl, uio->uio_offset,
- uio->uio_offset + uio->uio_resid, &shmfd->shm_mtx);
#ifdef MAC
error = mac_posixshm_check_read(active_cred, fp->f_cred, shmfd);
if (error)
return (error);
#endif
+ foffset_lock_uio(fp, uio, flags);
+ rl_cookie = rangelock_rlock(&shmfd->shm_rl, uio->uio_offset,
+ uio->uio_offset + uio->uio_resid, &shmfd->shm_mtx);
error = uiomove_object(shmfd->shm_object, shmfd->shm_size, uio);
rangelock_unlock(&shmfd->shm_rl, rl_cookie, &shmfd->shm_mtx);
foffset_unlock_uio(fp, uio, flags);
More information about the svn-src-all
mailing list