Author: bz
Date: Wed Mar 17 18:28:27 2010
New Revision: 205251
URL: http://svn.freebsd.org/changeset/base/205251
Log:
Add pcb reference counting to the pcblist sysctl handler functions
to ensure type stability while caching the pcb pointers for the
copyout.
Reviewed by: rwatson
MFC after: 7 days
Modified:
head/sys/netinet/ip_divert.c
head/sys/netinet/raw_ip.c
head/sys/netinet/tcp_subr.c
head/sys/netinet/udp_usrreq.c
Modified: head/sys/netinet/ip_divert.c
==============================================================================
--- head/sys/netinet/ip_divert.c Wed Mar 17 15:31:06 2010
(r205250)
+++ head/sys/netinet/ip_divert.c Wed Mar 17 18:28:27 2010
(r205251)
@@ -628,11 +628,13 @@ div_pcblist(SYSCTL_HANDLER_ARGS)
INP_INFO_RLOCK(&V_divcbinfo);
for (inp = LIST_FIRST(V_divcbinfo.ipi_listhead), i = 0; inp && i < n;
inp = LIST_NEXT(inp, inp_list)) {
- INP_RLOCK(inp);
+ INP_WLOCK(inp);
if (inp->inp_gencnt <= gencnt &&
- cr_canseeinpcb(req->td->td_ucred, inp) == 0)
+ cr_canseeinpcb(req->td->td_ucred, inp) == 0) {
+ in_pcbref(inp);
inp_list[i++] = inp;
- INP_RUNLOCK(inp);
+ }
+ INP_WUNLOCK(inp);
}
INP_INFO_RUNLOCK(&V_divcbinfo);
n = i;
@@ -654,6 +656,15 @@ div_pcblist(SYSCTL_HANDLER_ARGS)
} else
INP_RUNLOCK(inp);
}
+ INP_INFO_WLOCK(&V_divcbinfo);
+ for (i = 0; i < n; i++) {
+ inp = inp_list[i];
+ INP_WLOCK(inp);
+ if (!in_pcbrele(inp))
+ INP_WUNLOCK(inp);
+ }
+ INP_INFO_WUNLOCK(&V_divcbinfo);
+
if (!error) {
/*
* Give the user an updated idea of our state.
Modified: head/sys/netinet/raw_ip.c
==============================================================================
--- head/sys/netinet/raw_ip.c Wed Mar 17 15:31:06 2010 (r205250)
+++ head/sys/netinet/raw_ip.c Wed Mar 17 18:28:27 2010 (r205251)
@@ -1011,13 +1011,13 @@ rip_pcblist(SYSCTL_HANDLER_ARGS)
INP_INFO_RLOCK(&V_ripcbinfo);
for (inp = LIST_FIRST(V_ripcbinfo.ipi_listhead), i = 0; inp && i < n;
inp = LIST_NEXT(inp, inp_list)) {
- INP_RLOCK(inp);
+ INP_WLOCK(inp);
if (inp->inp_gencnt <= gencnt &&
cr_canseeinpcb(req->td->td_ucred, inp) == 0) {
- /* XXX held references? */
+ in_pcbref(inp);
inp_list[i++] = inp;
}
- INP_RUNLOCK(inp);
+ INP_WUNLOCK(inp);
}
INP_INFO_RUNLOCK(&V_ripcbinfo);
n = i;
@@ -1040,6 +1040,15 @@ rip_pcblist(SYSCTL_HANDLER_ARGS)
} else
INP_RUNLOCK(inp);
}
+ INP_INFO_WLOCK(&V_ripcbinfo);
+ for (i = 0; i < n; i++) {
+ inp = inp_list[i];
+ INP_WLOCK(inp);
+ if (!in_pcbrele(inp))
+ INP_WUNLOCK(inp);
+ }
+ INP_INFO_WUNLOCK(&V_ripcbinfo);
+
if (!error) {
/*
* Give the user an updated idea of our state. If the
Modified: head/sys/netinet/tcp_subr.c
==============================================================================
--- head/sys/netinet/tcp_subr.c Wed Mar 17 15:31:06 2010 (r205250)
+++ head/sys/netinet/tcp_subr.c Wed Mar 17 18:28:27 2010 (r205251)
@@ -1108,7 +1108,7 @@ tcp_pcblist(SYSCTL_HANDLER_ARGS)
INP_INFO_RLOCK(&V_tcbinfo);
for (inp = LIST_FIRST(V_tcbinfo.ipi_listhead), i = 0;
inp != NULL && i < n; inp = LIST_NEXT(inp, inp_list)) {
- INP_RLOCK(inp);
+ INP_WLOCK(inp);
if (inp->inp_gencnt <= gencnt) {
/*
* XXX: This use of cr_cansee(), introduced with
@@ -1123,10 +1123,12 @@ tcp_pcblist(SYSCTL_HANDLER_ARGS)
error = EINVAL; /* Skip this inp. */
} else
error = cr_canseeinpcb(req->td->td_ucred, inp);
- if (error == 0)
+ if (error == 0) {
+ in_pcbref(inp);
inp_list[i++] = inp;
+ }
}
- INP_RUNLOCK(inp);
+ INP_WUNLOCK(inp);
}
INP_INFO_RUNLOCK(&V_tcbinfo);
n = i;
@@ -1165,8 +1167,16 @@ tcp_pcblist(SYSCTL_HANDLER_ARGS)
error = SYSCTL_OUT(req, &xt, sizeof xt);
} else
INP_RUNLOCK(inp);
-
}
+ INP_INFO_WLOCK(&V_tcbinfo);
+ for (i = 0; i < n; i++) {
+ inp = inp_list[i];
+ INP_WLOCK(inp);
+ if (!in_pcbrele(inp))
+ INP_WUNLOCK(inp);
+ }
+ INP_INFO_WUNLOCK(&V_tcbinfo);
+
if (!error) {
/*
* Give the user an updated idea of our state.
Modified: head/sys/netinet/udp_usrreq.c
==============================================================================
--- head/sys/netinet/udp_usrreq.c Wed Mar 17 15:31:06 2010
(r205250)
+++ head/sys/netinet/udp_usrreq.c Wed Mar 17 18:28:27 2010
(r205251)
@@ -746,11 +746,13 @@ udp_pcblist(SYSCTL_HANDLER_ARGS)
INP_INFO_RLOCK(&V_udbinfo);
for (inp = LIST_FIRST(V_udbinfo.ipi_listhead), i = 0; inp && i < n;
inp = LIST_NEXT(inp, inp_list)) {
- INP_RLOCK(inp);
+ INP_WLOCK(inp);
if (inp->inp_gencnt <= gencnt &&
- cr_canseeinpcb(req->td->td_ucred, inp) == 0)
+ cr_canseeinpcb(req->td->td_ucred, inp) == 0) {
+ in_pcbref(inp);
inp_list[i++] = inp;
- INP_RUNLOCK(inp);
+ }
+ INP_WUNLOCK(inp);
}
INP_INFO_RUNLOCK(&V_udbinfo);
n = i;
@@ -761,6 +763,7 @@ udp_pcblist(SYSCTL_HANDLER_ARGS)
INP_RLOCK(inp);
if (inp->inp_gencnt <= gencnt) {
struct xinpcb xi;
+
bzero(&xi, sizeof(xi));
xi.xi_len = sizeof xi;
/* XXX should avoid extra copy */
@@ -773,6 +776,15 @@ udp_pcblist(SYSCTL_HANDLER_ARGS)
} else
INP_RUNLOCK(inp);
}
+ INP_INFO_WLOCK(&V_udbinfo);
+ for (i = 0; i < n; i++) {
+ inp = inp_list[i];
+ INP_WLOCK(inp);
+ if (!in_pcbrele(inp))
+ INP_WUNLOCK(inp);
+ }
+ INP_INFO_WUNLOCK(&V_udbinfo);
+
if (!error) {
/*
* Give the user an updated idea of our state. If the
_______________________________________________
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
