Fix the lock order reversal between the sigio lock and a process/pgrp lock in
funsetownlst() by locking the sigio lock across funsetownlst().
This commit is contained in:
parent
cb5e1f4f73
commit
c8d8a686e4
@ -571,6 +571,8 @@ funsetownlst(sigiolst)
|
||||
struct proc *p;
|
||||
struct pgrp *pg;
|
||||
|
||||
SIGIO_ASSERT(MA_OWNED);
|
||||
|
||||
sigio = SLIST_FIRST(sigiolst);
|
||||
if (sigio == NULL)
|
||||
return;
|
||||
@ -591,28 +593,30 @@ funsetownlst(sigiolst)
|
||||
}
|
||||
|
||||
while ((sigio = SLIST_FIRST(sigiolst)) != NULL) {
|
||||
SIGIO_LOCK();
|
||||
*(sigio->sio_myref) = NULL;
|
||||
SIGIO_UNLOCK();
|
||||
if (pg != NULL) {
|
||||
KASSERT(sigio->sio_pgid < 0, ("Proc sigio in pgrp sigio list"));
|
||||
KASSERT(sigio->sio_pgrp == pg, ("Bogus pgrp in sigio list"));
|
||||
SLIST_REMOVE(&pg->pg_sigiolst, sigio, sigio, sio_pgsigio);
|
||||
PGRP_UNLOCK(pg);
|
||||
SIGIO_UNLOCK();
|
||||
crfree(sigio->sio_ucred);
|
||||
mtx_lock(&Giant);
|
||||
FREE(sigio, M_SIGIO);
|
||||
mtx_unlock(&Giant);
|
||||
SIGIO_LOCK();
|
||||
PGRP_LOCK(pg);
|
||||
} else /* if (p != NULL) */ {
|
||||
KASSERT(sigio->sio_pgid > 0, ("Pgrp sigio in proc sigio list"));
|
||||
KASSERT(sigio->sio_proc == p, ("Bogus proc in sigio list"));
|
||||
SLIST_REMOVE(&p->p_sigiolst, sigio, sigio, sio_pgsigio);
|
||||
PROC_UNLOCK(p);
|
||||
SIGIO_UNLOCK();
|
||||
crfree(sigio->sio_ucred);
|
||||
mtx_lock(&Giant);
|
||||
FREE(sigio, M_SIGIO);
|
||||
mtx_unlock(&Giant);
|
||||
SIGIO_LOCK();
|
||||
PROC_LOCK(p);
|
||||
}
|
||||
}
|
||||
|
@ -191,9 +191,11 @@ exit1(td, rv)
|
||||
* Reset any sigio structures pointing to us as a result of
|
||||
* F_SETOWN with our pid.
|
||||
*/
|
||||
SIGIO_LOCK();
|
||||
PROC_LOCK(p);
|
||||
funsetownlst(&p->p_sigiolst);
|
||||
PROC_UNLOCK(p);
|
||||
SIGIO_UNLOCK();
|
||||
|
||||
/*
|
||||
* Close open files and release open-file table.
|
||||
|
@ -474,6 +474,7 @@ pgdelete(pgrp)
|
||||
PGRP_LOCK_ASSERT(pgrp, MA_NOTOWNED);
|
||||
SESS_LOCK_ASSERT(pgrp->pg_session, MA_NOTOWNED);
|
||||
|
||||
SIGIO_LOCK();
|
||||
PGRP_LOCK(pgrp);
|
||||
|
||||
/*
|
||||
@ -481,6 +482,7 @@ pgdelete(pgrp)
|
||||
* F_SETOWN with our pgid.
|
||||
*/
|
||||
funsetownlst(&pgrp->pg_sigiolst);
|
||||
SIGIO_UNLOCK();
|
||||
|
||||
if (pgrp->pg_session->s_ttyp != NULL &&
|
||||
pgrp->pg_session->s_ttyp->t_pgrp == pgrp)
|
||||
|
Loading…
Reference in New Issue
Block a user