CVSROOT: /cvs
Module name: src
Changes by: bl...@cvs.openbsd.org 2025/07/14 15:47:26
Modified files:
sys/kern : uipc_socket2.c
Log message:
Unlock shared netlock before socket lock.
solock_shared() takes both, first shared netlock and then socket
lock. When unlocking, the order is also important to avoid
use-after-free.
A socket's life time is controlled by the SS_NOFDREF flag in socket
state which is protected by socket lock. As soon socket lock is
released, another thread may free the socket. So dereferencing the
value of so->so_proto must be done before. Swap the unlock order
in sounlock_shared() and sounlock_pair() that the socket family is
evaluated first and netlock released for internet sockets. Unlock
socket lock after that.
With that it should be safe to convert socket close from exclusive
netlock to socket lock.
OK mvs@
