Fix a race condition in socow_setup(): The page must be wired before

sf_buf_alloc() is called, as sf_buf_alloc() may sleep. If it does sleep, the page might be reclaimed before wiring occurs. Reported by: alc
2003-03-18 18:27:33 +00:00 · 2003-03-18 18:27:33 +00:00 · daa949b66e
commit daa949b66e
parent cb3733b78d
1 changed files with 7 additions and 4 deletions
--- a/sys/kern/uipc_cow.c
+++ b/sys/kern/uipc_cow.c
@ -129,10 +129,6 @@ socow_setup(struct mbuf *m0, struct uio *uio)
 	}
 	pp = PHYS_TO_VM_PAGE(pa);

-	sf = sf_buf_alloc();
-	sf->m = pp;
-	pmap_qenter(sf->kva, &pp, 1);
-
 	/* 
 	 * set up COW
 	 */
@ -145,6 +141,13 @@ socow_setup(struct mbuf *m0, struct uio *uio)
 	vm_page_wire(pp);
 	vm_page_unlock_queues();

+	/*
+	 * Allocate an sf buf
+	 */
+	sf = sf_buf_alloc();
+	sf->m = pp;
+	pmap_qenter(sf->kva, &pp, 1);
+
 	/* 
 	 * attach to mbuf
 	 */