AF_UNIX: Hold a reference of the unp_conn before executing blocking code
author Sepherosa Ziehau <sephe@dragonflybsd.org>
Wed, 27 Apr 2011 07:10:03 +0000 (15:10 +0800)
committer Sepherosa Ziehau <sephe@dragonflybsd.org>
Wed, 27 Apr 2011 07:10:03 +0000 (15:10 +0800)
commit 76d4bfa31c73732ae74b63f8fe1cbdc9d8df7a52
tree 674a5f16c7b55e792ba233809070ba18c5b9826b
parent c444f2f522057c0bb8f28e708cfb49889c7ab6e8
AF_UNIX: Hold a reference of the unp_conn before executing blocking code

Since unp_token will be automatically released upon execution of blocking
code, close of unp_conn could race any code paths that reference unp_conn
after executing blocking code.  To fix these races, we simply increment
the reference count of the unp_conn before executing any possibly blocking
code and release the reference count of unp_conn, which may release unp_conn
itself.  This _currently_ does not suffer 0-ref race, since unp_token is
always being held.
sys/kern/uipc_usrreq.c
sys/sys/unpcb.h
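
The hold-before-blocking pattern the commit message describes, as an added example that is not code from this commit or from DragonFly. It is a single-threaded user-space model: struct pcb, pcb_hold, pcb_rele, pcb_close, blocking_op, send_to_peer and run_case are all hypothetical names, and the "blocking" call directly runs the peer's close path to stand in for another thread running once the token is dropped.

```c
#include <stdbool.h>
#include <stddef.h>

/* Hypothetical model of a unix-domain PCB; not DragonFly's struct unpcb. */
struct pcb {
    int refcnt;        /* references held on this PCB */
    bool freed;        /* set instead of calling free(), so callers can inspect it */
    struct pcb *conn;  /* connected peer, playing the role of unp_conn */
};

static void pcb_hold(struct pcb *p) { p->refcnt++; }

/* Drop one reference; dropping the last one releases the PCB. */
static void pcb_rele(struct pcb *p)
{
    if (--p->refcnt == 0)
        p->freed = true;
}

/* Close path: disconnect both ends, then drop the PCB's own reference. */
static void pcb_close(struct pcb *p)
{
    if (p->conn != NULL) {
        p->conn->conn = NULL;
        p->conn = NULL;
    }
    pcb_rele(p);
}

/* Models blocking code: the token is gone, so the peer gets closed meanwhile. */
static void blocking_op(struct pcb *peer) { pcb_close(peer); }

/* Returns true if the peer was still live when touched after blocking. */
static bool send_to_peer(struct pcb *self, bool hold_ref)
{
    struct pcb *peer = self->conn;
    bool live;
    if (hold_ref) pcb_hold(peer);   /* take the reference before blocking */
    blocking_op(peer);
    live = !peer->freed;            /* where real code would use the peer again */
    if (hold_ref) pcb_rele(peer);   /* may be the last reference: frees the peer */
    return live;
}

/* Build a connected pair, run one send, report peer state afterwards. */
static bool run_case(bool hold_ref, bool *freed_after)
{
    struct pcb a = { 1, false, NULL }, b = { 1, false, NULL };
    a.conn = &b; b.conn = &a;
    bool live = send_to_peer(&a, hold_ref);
    *freed_after = b.freed;
    return live;
}
```

In both cases the peer ends up released; the held reference only moves the release to after the last use.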