git: 97453e5e7258 - main - Unlock inp when handling TCP_MD5SIG socket options
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 23 Jun 2022 14:58:47 UTC
The branch main has been updated by thj: URL: https://cgit.FreeBSD.org/src/commit/?id=97453e5e7258158042795740f2736cfca972269d commit 97453e5e7258158042795740f2736cfca972269d Author: Claudio Jeker <claudio@openbsd.org> AuthorDate: 2022-06-23 14:50:47 +0000 Commit: Tom Jones <thj@FreeBSD.org> CommitDate: 2022-06-23 14:57:56 +0000 Unlock inp when handling TCP_MD5SIG socket options Unlock the inp when hanlding TCP_MD5SIG socket options. tcp_ipsec_pcbctl handles locking the inp when the option is being modified. This was found by Claudio Jeker while working on the OpenBGPd port. On 14 we get a panic when trying to call getsockopt, on 13.1 the process locks up using 100% CPU. Reviewed by: rscheff (transport), tuexen MFC after: 3 days Sponsored by: Klara Inc. Differential Revision: https://reviews.freebsd.org/D35532 --- sys/netinet/tcp_usrreq.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c index e559d8f1fe76..e05ef963375c 100644 --- a/sys/netinet/tcp_usrreq.c +++ b/sys/netinet/tcp_usrreq.c @@ -2206,13 +2206,13 @@ tcp_default_ctloutput(struct inpcb *inp, struct sockopt *sopt) switch (sopt->sopt_name) { #if defined(IPSEC_SUPPORT) || defined(TCP_SIGNATURE) case TCP_MD5SIG: - if (!TCPMD5_ENABLED()) { - INP_WUNLOCK(inp); + INP_WUNLOCK(inp); + if (!TCPMD5_ENABLED()) return (ENOPROTOOPT); - } error = TCPMD5_PCBCTL(inp, sopt); if (error) return (error); + INP_WLOCK_RECHECK(inp); goto unlock_and_done; #endif /* IPSEC */ @@ -2584,10 +2584,9 @@ unlock_and_done: switch (sopt->sopt_name) { #if defined(IPSEC_SUPPORT) || defined(TCP_SIGNATURE) case TCP_MD5SIG: - if (!TCPMD5_ENABLED()) { - INP_WUNLOCK(inp); + INP_WUNLOCK(inp); + if (!TCPMD5_ENABLED()) return (ENOPROTOOPT); - } error = TCPMD5_PCBCTL(inp, sopt); break; #endif