d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Close a race where we were releasing the unit resource at the start

Browse Source 
of tunclose() rather than the end, and tunopen() grabbed that unit
before tunclose() finished (one process is allocating it while another
is freeing it!).

It may be worth hanging some sort of rw mutex around all specinfo
calls where d_close and the detach handler get a write lock and all
other functions get a read lock.  This would guarantee certain levels
of ``atomicity'' (is that a word?) that people may expect (I believe
Solaris does something like this).
This commit is contained in:
brian 2001-06-20 10:06:28 +00:00
parent 0f0e030db4
commit 63ca82cb84
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
sys/net/if_tun.c
View File

@ -307,8 +307,7 @@ tunclose(dev_t dev, int foo, int bar, struct proc *p)
tp = dev->si_drv1;
ifp = &tp->tun_if;
err = rman_release_resource(tp->r_unit);
KASSERT(err == 0, ("Unit %d not marked open", ifp->if_unit));
KASSERT(tp->r_unit, ("Unit %d not marked open", ifp->if_unit));
tp->tun_flags &= ~TUN_OPEN;
tp->tun_pid = 0;
@ -340,6 +339,9 @@ tunclose(dev_t dev, int foo, int bar, struct proc *p)
selwakeup(&tp->tun_rsel);
TUNDEBUG ("%s%d: closed\n", ifp->if_name, ifp->if_unit);
err = rman_release_resource(tp->r_unit);
KASSERT(err == 0, ("Unit %d failed to release", ifp->if_unit));
return (0);
}