diff options
author | Gleb Smirnoff <glebius@FreeBSD.org> | 2021-12-14 17:38:52 +0000 |
---|---|---|
committer | Gleb Smirnoff <glebius@FreeBSD.org> | 2021-12-14 17:38:52 +0000 |
commit | 185e659c40ef4dbd6855dfa0f735f06dfcf01c6f (patch) | |
tree | 8077afd2ae16d5c06259b391f0bdb36c77b3ea5f | |
parent | 0e6b06d5c8719597b2ec59e6856b5decbd9e65f6 (diff) | |
download | src-185e659c40ef4dbd6855dfa0f735f06dfcf01c6f.tar.gz src-185e659c40ef4dbd6855dfa0f735f06dfcf01c6f.zip |
inpcb: use locked variant of prison_check_ip*()
The pcb lookup always happens in the network epoch and in SMR section.
We can't block on a mutex due to the latter. Right now this patch opens
up a race. But soon that will be addressed by D33339.
Reviewed by: markj, jamie
Differential revision: https://reviews.freebsd.org/D33340
Fixes: de2d47842e8
-rw-r--r-- | sys/netinet/in_pcb.c | 4 | ||||
-rw-r--r-- | sys/netinet6/in6_pcb.c | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c index ffcc93553c22..4dc3c737b914 100644 --- a/sys/netinet/in_pcb.c +++ b/sys/netinet/in_pcb.c @@ -2330,8 +2330,8 @@ in_pcblookup_hash_locked(struct inpcbinfo *pcbinfo, struct in_addr faddr, injail = prison_flag(inp->inp_cred, PR_IP4); if (injail) { - if (prison_check_ip4(inp->inp_cred, - &laddr) != 0) + if (prison_check_ip4_locked( + inp->inp_cred->cr_prison, &laddr) != 0) continue; } else { if (local_exact != NULL) diff --git a/sys/netinet6/in6_pcb.c b/sys/netinet6/in6_pcb.c index d6c6593f2adf..f86c72958a9e 100644 --- a/sys/netinet6/in6_pcb.c +++ b/sys/netinet6/in6_pcb.c @@ -1079,8 +1079,8 @@ in6_pcblookup_hash_locked(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, injail = prison_flag(inp->inp_cred, PR_IP6); if (injail) { - if (prison_check_ip6(inp->inp_cred, - laddr) != 0) + if (prison_check_ip6_locked( + inp->inp_cred->cr_prison, laddr) != 0) continue; } else { if (local_exact != NULL) |