Page MenuHomeFreeBSD

sctp: Fix lock recursion in sctp_swap_inpcb_for_listen()
ClosedPublic

Authored by markj on Sep 8 2021, 3:06 AM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Sep 19, 7:50 AM
Unknown Object (File)
Thu, Sep 18, 1:37 AM
Unknown Object (File)
Wed, Sep 3, 7:13 PM
Unknown Object (File)
Wed, Aug 27, 5:08 PM
Unknown Object (File)
Wed, Aug 27, 2:28 PM
Unknown Object (File)
Wed, Aug 27, 1:47 PM
Unknown Object (File)
Wed, Aug 27, 12:22 AM
Unknown Object (File)
Wed, Aug 27, 12:19 AM
Subscribers

Details

Summary

After commit bd4a39cc93d9 we now hold the global inp info lock across
the call to sctp_swap_inpcb_for_listen(), which attempts to acquire it
again. Since sctp_swap_inpcb_for_listen()'s sole caller is
sctp_listen(), we can simply change it to not try to acquire the lock.

Fixes: bd4a39cc93d9 ("socket: Properly interlock when transitioning to a listening socket")
Reported by: syzkaller

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 41425
Build 38314: arc lint + arc unit