aboutsummaryrefslogtreecommitdiff
path: root/sys/sys/unpcb.h
diff options
context:
space:
mode:
authorMark Johnston <markj@FreeBSD.org>2016-08-08 20:25:04 +0000
committerMark Johnston <markj@FreeBSD.org>2016-08-08 20:25:04 +0000
commit434ac8b6b730556948f80a3f4084580727de7208 (patch)
treea6e93970f76f6769227434d9eda15ab03f9d7ebb /sys/sys/unpcb.h
parent2f632dbb0b8060a3efd744498729503356d0a71b (diff)
downloadsrc-434ac8b6b730556948f80a3f4084580727de7208.tar.gz
src-434ac8b6b730556948f80a3f4084580727de7208.zip
Handle races with listening socket close when connecting a unix socket.
If the listening socket is closed while sonewconn() is executing, the nascent child socket is aborted, which results in recursion on the unp_link lock when the child's pru_detach method is invoked. Fix this by using a flag to mark such sockets, and skip a part of the socket's teardown during detach. Reported by: Raviprakash Darbha <rdarbha@juniper.net> Tested by: pho MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D7398
Notes
Notes: svn path=/head/; revision=303855
Diffstat (limited to 'sys/sys/unpcb.h')
-rw-r--r--sys/sys/unpcb.h14
1 files changed, 9 insertions, 5 deletions
diff --git a/sys/sys/unpcb.h b/sys/sys/unpcb.h
index 41fd5745bbd7..2547fdcbac85 100644
--- a/sys/sys/unpcb.h
+++ b/sys/sys/unpcb.h
@@ -103,11 +103,6 @@ struct unpcb {
#define UNP_WANTCRED 0x004 /* credentials wanted */
#define UNP_CONNWAIT 0x008 /* connect blocks until accepted */
-#define UNPGC_REF 0x1 /* unpcb has external ref. */
-#define UNPGC_DEAD 0x2 /* unpcb might be dead. */
-#define UNPGC_SCANNED 0x4 /* Has been scanned. */
-#define UNPGC_IGNORE_RIGHTS 0x8 /* Attached rights are freed */
-
/*
* These flags are used to handle non-atomicity in connect() and bind()
* operations on a socket: in particular, to avoid races between multiple
@@ -115,6 +110,15 @@ struct unpcb {
*/
#define UNP_CONNECTING 0x010 /* Currently connecting. */
#define UNP_BINDING 0x020 /* Currently binding. */
+#define UNP_NASCENT 0x040 /* Newborn child socket. */
+
+/*
+ * Flags in unp_gcflag.
+ */
+#define UNPGC_REF 0x1 /* unpcb has external ref. */
+#define UNPGC_DEAD 0x2 /* unpcb might be dead. */
+#define UNPGC_SCANNED 0x4 /* Has been scanned. */
+#define UNPGC_IGNORE_RIGHTS 0x8 /* Attached rights are freed */
#define sotounpcb(so) ((struct unpcb *)((so)->so_pcb))