Date: Wed, 25 Nov 2020 01:08:57 +0000 (UTC) From: Kyle Evans <kevans@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r368006 - head/sys/kern Message-ID: <202011250108.0AP18vhi096136@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: kevans Date: Wed Nov 25 01:08:57 2020 New Revision: 368006 URL: https://svnweb.freebsd.org/changeset/base/368006 Log: kern: never restart syscalls calling closefp(), e.g. close(2) All paths leading into closefp() will either replace or remove the fd from the filedesc table, and closefp() will call fo_close methods that can and do currently sleep without regard for the possibility of an ERESTART. This can be dangerous in multithreaded applications as another thread could have opened another file in its place that is subsequently operated on upon restart. The following are seemingly the only ones that will pass back ERESTART in-tree: - sockets (SO_LINGER) - fusefs - nfsclient Reviewed by: jilles, kib MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D27310 Modified: head/sys/kern/kern_descrip.c Modified: head/sys/kern/kern_descrip.c ============================================================================== --- head/sys/kern/kern_descrip.c Wed Nov 25 00:10:54 2020 (r368005) +++ head/sys/kern/kern_descrip.c Wed Nov 25 01:08:57 2020 (r368006) @@ -1279,6 +1279,15 @@ closefp(struct filedesc *fdp, int fd, struct file *fp, FILEDESC_XUNLOCK(fdp); error = closef(fp, td); + + /* + * All paths leading up to closefp() will have already removed or + * replaced the fd in the filedesc table, so a restart would not + * operate on the same file. + */ + if (error == ERESTART) + error = EINTR; + if (holdleaders) { FILEDESC_XLOCK(fdp); fdp->fd_holdleaderscount--;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202011250108.0AP18vhi096136>