81158452be
(sorele()/sotryfree()): - This permits the caller to acquire the accept mutex before the socket mutex, avoiding sofree() having to drop the socket mutex and re-order, which could lead to races permitting more than one thread to enter sofree() after a socket is ready to be free'd. - This also covers clearing of the so_pcb weak socket reference from the protocol to the socket, preventing races in clearing and evaluation of the reference such that sofree() might be called more than once on the same socket. This appears to close a race I was able to easily trigger by repeatedly opening and resetting TCP connections to a host, in which the tcp_close() code called as a result of the RST raced with the close() of the accepted socket in the user process resulting in simultaneous attempts to de-allocate the same socket. The new locking increases the overhead for operations that may potentially free the socket, so we will want to revise the synchronization strategy here as we normalize the reference counting model for sockets. The use of the accept mutex in freeing of sockets that are not listen sockets is primarily motivated by the potential need to remove the socket from the incomplete connection queue on its parent (listen) socket, so cleaning up the reference model here may allow us to substantially weaken the synchronization requirements. RELENG_5_3 candidate. MFC after: 3 days Reviewed by: dwhite Discussed with: gnn, dwhite, green Reported by: Marc UBM Bocklet <ubm at u-boot-man dot de> Reported by: Vlad <marchenko at gmail dot com> |
||
---|---|---|
.. | ||
ah6.h | ||
ah_aesxcbcmac.c | ||
ah_aesxcbcmac.h | ||
ah_core.c | ||
ah_input.c | ||
ah_output.c | ||
ah.h | ||
dest6.c | ||
esp6.h | ||
esp_aesctr.c | ||
esp_aesctr.h | ||
esp_core.c | ||
esp_input.c | ||
esp_output.c | ||
esp_rijndael.c | ||
esp_rijndael.h | ||
esp.h | ||
frag6.c | ||
icmp6.c | ||
icmp6.h | ||
in6_cksum.c | ||
in6_gif.c | ||
in6_gif.h | ||
in6_ifattach.c | ||
in6_ifattach.h | ||
in6_pcb.c | ||
in6_pcb.h | ||
in6_proto.c | ||
in6_rmx.c | ||
in6_src.c | ||
in6_var.h | ||
in6.c | ||
in6.h | ||
ip6_ecn.h | ||
ip6_forward.c | ||
ip6_fw.c | ||
ip6_fw.h | ||
ip6_id.c | ||
ip6_input.c | ||
ip6_mroute.c | ||
ip6_mroute.h | ||
ip6_output.c | ||
ip6_var.h | ||
ip6.h | ||
ip6protosw.h | ||
ipcomp6.h | ||
ipcomp_core.c | ||
ipcomp_input.c | ||
ipcomp_output.c | ||
ipcomp.h | ||
ipsec6.h | ||
ipsec.c | ||
ipsec.h | ||
mld6_var.h | ||
mld6.c | ||
nd6_nbr.c | ||
nd6_rtr.c | ||
nd6.c | ||
nd6.h | ||
pim6_var.h | ||
pim6.h | ||
raw_ip6.c | ||
raw_ip6.h | ||
README | ||
route6.c | ||
scope6_var.h | ||
scope6.c | ||
tcp6_var.h | ||
udp6_output.c | ||
udp6_usrreq.c | ||
udp6_var.h |
a note to committers about KAME tree $FreeBSD$ KAME project FreeBSD IPv6/IPsec tree is from KAMEproject (http://www.kame.net/). To synchronize KAME tree and FreeBSD better today and in the future, please understand the following: - DO NOT MAKE COSTMETIC CHANGES. "Cosmetic changes" here includes tabify, untabify, removal of space at EOL, minor KNF items, and whatever adds more output lines on "diff freebsd kame". To make future synchronization easier. it is critical to preserve certain statements in the code. Also, as KAME tree supports all 4 BSDs (Free, Open, Net, BSD/OS) in single shared tree, it is not always possible to backport FreeBSD changes into KAME tree. So again, please do not make cosmetic changes. Even if you think it a right thing, that will bite KAME guys badly during upgrade attempts, and prevent us from synchronizing two trees. (you don't usually make cosmetic changes against third-party code, do you?) - REPORT CHANGES/BUGS TO KAME GUYS. It is not always possible for KAME guys to watch all the freebsd mailing list traffic, as the traffic is HUGE. So if possible, please, inform kame guys of changes you made in IPv6/IPsec related portion. Contact path would be snap-users@kame.net or KAME PR database on www.kame.net. (or to core@kame.net if it is necessary to make it confidential) Thank you for your cooperation and have a happy IPv6 life! Note: KAME-origin code is in the following locations. The above notice applies to corresponding manpages too. The list may not be complete. If you see $KAME$ in the code, it is from KAME distribution. If you see some file that is IPv6/IPsec related, it is highly possible that the file is from KAME distribution. include/ifaddrs.h lib/libc/net lib/libc/net/getaddrinfo.c lib/libc/net/getifaddrs.c lib/libc/net/getnameinfo.c lib/libc/net/ifname.c lib/libc/net/ip6opt.c lib/libc/net/map_v4v6.c lib/libc/net/name6.c lib/libftpio lib/libipsec sbin/ip6fw sbin/ping6 sbin/rtsol share/doc/IPv6 share/man/man4/ip6.4 share/man/man4/inet6.4 sys/crypto (except sys/crypto/rc4) sys/kern/uipc_mbuf2.c sys/net/if_faith.[ch] sys/net/if_gif.[ch] sys/net/if_stf.[ch] sys/net/pfkeyv2.h sys/netinet/icmp6.h sys/netinet/in_gif.[ch] sys/netinet/ip6.h sys/netinet/ip_encap.[ch] sys/netinet6 sys/netkey usr.sbin/faithd usr.sbin/gifconfig usr.sbin/ifmcstat usr.sbin/mld6query usr.sbin/ndp usr.sbin/pim6dd usr.sbin/pim6sd usr.sbin/prefix usr.sbin/rip6query usr.sbin/route6d usr.sbin/rrenumd usr.sbin/rtadvd usr.sbin/rtsold usr.sbin/scope6config usr.sbin/setkey usr.sbin/traceroute6