Commit 97453e5e authored by Claudio Jeker's avatar Claudio Jeker Committed by Tom Jones
Browse files

Unlock inp when handling TCP_MD5SIG socket options

Unlock the inp when hanlding TCP_MD5SIG socket options. tcp_ipsec_pcbctl
handles locking the inp when the option is being modified.

This was found by Claudio Jeker while working on the OpenBGPd port.

On 14 we get a panic when trying to call getsockopt, on 13.1 the process
locks up using 100% CPU.

Reviewed by:	rscheff (transport), tuexen
MFC after:	3 days
Sponsored by:	Klara Inc.
Differential Revision:	https://reviews.freebsd.org/D35532
parent 95144583
......@@ -2206,13 +2206,13 @@ tcp_default_ctloutput(struct inpcb *inp, struct sockopt *sopt)
switch (sopt->sopt_name) {
#if defined(IPSEC_SUPPORT) || defined(TCP_SIGNATURE)
case TCP_MD5SIG:
if (!TCPMD5_ENABLED()) {
INP_WUNLOCK(inp);
INP_WUNLOCK(inp);
if (!TCPMD5_ENABLED())
return (ENOPROTOOPT);
}
error = TCPMD5_PCBCTL(inp, sopt);
if (error)
return (error);
INP_WLOCK_RECHECK(inp);
goto unlock_and_done;
#endif /* IPSEC */
......@@ -2584,10 +2584,9 @@ tcp_default_ctloutput(struct inpcb *inp, struct sockopt *sopt)
switch (sopt->sopt_name) {
#if defined(IPSEC_SUPPORT) || defined(TCP_SIGNATURE)
case TCP_MD5SIG:
if (!TCPMD5_ENABLED()) {
INP_WUNLOCK(inp);
INP_WUNLOCK(inp);
if (!TCPMD5_ENABLED())
return (ENOPROTOOPT);
}
error = TCPMD5_PCBCTL(inp, sopt);
break;
#endif
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment