When detaching an unix domain socket, uipc_detach() checks

unp->unp_vnode pointer to detect if there is a vnode associated with (binded to) this socket and does necessary cleanup if there is. The issue is that after forced unmount this check may be too late as the unp_vnode is reclaimed and the reference is stale. To fix this provide a helper function that is called on a socket vnode reclamation to do necessary cleanup. Pointed by: kib Reviewed by: kib MFC after: 2 weeks
2012-02-25 10:15:41 +00:00 · 2012-02-25 10:15:41 +00:00 · 87f7f0cfe8
commit 87f7f0cfe8
parent 1227707e55
3 changed files with 43 additions and 0 deletions
--- a/sys/kern/uipc_usrreq.c
+++ b/sys/kern/uipc_usrreq.c
@ -2300,6 +2300,45 @@ unp_scan(struct mbuf *m0, void (*op)(struct file *))
 	}
 }

+/*
+ * A helper function called by VFS before socket-type vnode reclamation.
+ * For an active vnode it clears unp_vnode pointer and decrements unp_vnode
+ * use count.
+ */
+void
+vfs_unp_reclaim(struct vnode *vp)
+{
+	struct socket *so;
+	struct unpcb *unp;
+	int active;
+
+	ASSERT_VOP_ELOCKED(vp, "vfs_unp_reclaim");
+	KASSERT(vp->v_type == VSOCK,
+	    ("vfs_unp_reclaim: vp->v_type != VSOCK"));
+
+	active = 0;
+	UNP_LINK_WLOCK();
+	so = vp->v_socket;
+	if (so == NULL)
+		goto done;
+	unp = sotounpcb(so);
+	if (unp == NULL)
+		goto done;
+	UNP_PCB_LOCK(unp);
+	if (unp->unp_vnode != NULL) {
+		KASSERT(unp->unp_vnode == vp,
+		    ("vfs_unp_reclaim: vp != unp->unp_vnode"));
+		vp->v_socket = NULL;
+		unp->unp_vnode = NULL;
+		active = 1;
+	}
+	UNP_PCB_UNLOCK(unp);
+done:
+	UNP_LINK_WUNLOCK();
+	if (active)
+		vunref(vp);
+}
+
 #ifdef DDB
 static void
 db_print_indent(int indent)
--- a/sys/kern/vfs_subr.c
+++ b/sys/kern/vfs_subr.c
@ -2657,6 +2657,8 @@ vgonel(struct vnode *vp)
 			vinactive(vp, td);
 		VI_UNLOCK(vp);
 	}
+	if (vp->v_type == VSOCK)
+		vfs_unp_reclaim(vp);
 	/*
 	 * Reclaim the vnode.
 	 */
--- a/sys/sys/vnode.h
+++ b/sys/sys/vnode.h
@ -793,6 +793,8 @@ int vfs_read_dirent(struct vop_readdir_args *ap, struct dirent *dp, off_t off);

 int vfs_unixify_accmode(accmode_t *accmode);

+void vfs_unp_reclaim(struct vnode *vp);
+
 int setfmode(struct thread *td, struct ucred *cred, struct vnode *vp, int mode);
 int setfown(struct thread *td, struct ucred *cred, struct vnode *vp, uid_t uid,
    gid_t gid);