d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix locking race in ttymodem(). The locking of the proctree happens too late

Browse Source 
and opens a small race window before tp->t_session->s_leader is accessed. In case
tp->t_session has just been set to NULL elsewhere, we get a panic().

This fix is a bandaid until someone else fixes the whole locking in the tty subsystem.
Definitly more work needs to be done.

MFC after:	1 week
Reviewed by:	mlaier
PR:		kern/103101
This commit is contained in:
mbr 2006-09-10 16:51:56 +00:00
parent 9ae25ad614
commit eecf512f8f
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sys/kern/tty.c
View File

@ -1639,8 +1639,8 @@ ttymodem(struct tty *tp, int flag)
!ISSET(tp->t_cflag, CLOCAL)) {
SET(tp->t_state, TS_ZOMBIE);
CLR(tp->t_state, TS_CONNECTED);
sx_slock(&proctree_lock); /* XXX: protect t_session */
if (tp->t_session) {
sx_slock(&proctree_lock);
if (tp->t_session->s_leader) {
struct proc *p;
@ -1649,8 +1649,8 @@ ttymodem(struct tty *tp, int flag)
psignal(p, SIGHUP);
PROC_UNLOCK(p);
}
sx_sunlock(&proctree_lock);
}
sx_sunlock(&proctree_lock);
ttyflush(tp, FREAD | FWRITE);
return (0);
}