diff options
author | dimitri staessens <dimitri.staessens@intec.ugent.be> | 2016-06-28 08:46:55 +0200 |
---|---|---|
committer | dimitri staessens <dimitri.staessens@intec.ugent.be> | 2016-06-28 08:46:55 +0200 |
commit | e9e4c6edab303bd725a4904c78ac3f853f8703ae (patch) | |
tree | 9ff28aff5526442bca60829c05ff054cfc79404a | |
parent | 02210c5126ef5478753d252f7ae1fe726f972485 (diff) | |
download | ouroboros-e9e4c6edab303bd725a4904c78ac3f853f8703ae.tar.gz ouroboros-e9e4c6edab303bd725a4904c78ac3f853f8703ae.zip |
ipcpd: fix deadlock in shim-udp
shim UDP would deadlock upon a dealloc call. fd_clr cannot be called
under wrlock.
-rw-r--r-- | src/ipcpd/shim-udp/main.c | 38 |
1 files changed, 25 insertions, 13 deletions
diff --git a/src/ipcpd/shim-udp/main.c b/src/ipcpd/shim-udp/main.c index c465cb32..221e60d2 100644 --- a/src/ipcpd/shim-udp/main.c +++ b/src/ipcpd/shim-udp/main.c @@ -600,7 +600,7 @@ static int ipcp_udp_flow_dealloc_req(int udp_port) struct shm_ap_rbuff * rb; pthread_rwlock_rdlock(&_ipcp->state_lock); - pthread_rwlock_wrlock(&_ap_instance->flows_lock); + pthread_rwlock_rdlock(&_ap_instance->flows_lock); fd = udp_port_to_fd(udp_port); if (fd < 0) { @@ -613,6 +613,9 @@ static int ipcp_udp_flow_dealloc_req(int udp_port) clr_fd(fd); + pthread_rwlock_unlock(&_ap_instance->flows_lock); + pthread_rwlock_wrlock(&_ap_instance->flows_lock); + _ap_instance->flows[fd].state = FLOW_NULL; port_id = _ap_instance->flows[fd].port_id; _ap_instance->flows[fd].port_id = -1; @@ -1319,12 +1322,6 @@ static int ipcp_udp_flow_alloc(pid_t n_pid, return -1; } - pthread_rwlock_rdlock(&_ap_instance->flows_lock); - - set_fd(fd); - - pthread_rwlock_unlock(&_ap_instance->flows_lock); - pthread_rwlock_wrlock(&_ap_instance->flows_lock); _ap_instance->flows[fd].port_id = port_id; @@ -1332,6 +1329,12 @@ static int ipcp_udp_flow_alloc(pid_t n_pid, _ap_instance->flows[fd].rb = rb; pthread_rwlock_unlock(&_ap_instance->flows_lock); + pthread_rwlock_rdlock(&_ap_instance->flows_lock); + + set_fd(fd); + + pthread_rwlock_unlock(&_ap_instance->flows_lock); + pthread_rwlock_unlock(&_ipcp->state_lock); if (ipcp_udp_port_alloc(ip_addr, @@ -1339,10 +1342,13 @@ static int ipcp_udp_flow_alloc(pid_t n_pid, dst_name, src_ae_name) < 0) { pthread_rwlock_rdlock(&_ipcp->state_lock); - pthread_rwlock_wrlock(&_ap_instance->flows_lock); + pthread_rwlock_rdlock(&_ap_instance->flows_lock); clr_fd(fd); + pthread_rwlock_unlock(&_ap_instance->flows_lock); + pthread_rwlock_wrlock(&_ap_instance->flows_lock); + _ap_instance->flows[fd].port_id = -1; _ap_instance->flows[fd].state = FLOW_NULL; shm_ap_rbuff_close(_ap_instance->flows[fd].rb); @@ -1436,14 +1442,17 @@ static int ipcp_udp_flow_alloc_resp(pid_t n_pid, r_saddr.sin_port, response) < 0) { pthread_rwlock_rdlock(&_ipcp->state_lock); + pthread_rwlock_rdlock(&_ap_instance->flows_lock); + + clr_fd(fd); + + pthread_rwlock_unlock(&_ap_instance->flows_lock); pthread_rwlock_wrlock(&_ap_instance->flows_lock); _ap_instance->flows[fd].state = FLOW_NULL; shm_ap_rbuff_close(_ap_instance->flows[fd].rb); _ap_instance->flows[fd].rb = NULL; - clr_fd(fd); - pthread_rwlock_unlock(&_ap_instance->flows_lock); pthread_rwlock_unlock(&_ipcp->state_lock); @@ -1464,7 +1473,7 @@ static int ipcp_udp_flow_dealloc(int port_id) socklen_t r_saddr_len = sizeof(r_saddr); pthread_rwlock_rdlock(&_ipcp->state_lock); - pthread_rwlock_wrlock(&_ap_instance->flows_lock); + pthread_rwlock_rdlock(&_ap_instance->flows_lock); fd = port_id_to_fd(port_id); if (fd < 0) { @@ -1474,13 +1483,16 @@ static int ipcp_udp_flow_dealloc(int port_id) return 0; } + clr_fd(fd); + + pthread_rwlock_unlock(&_ap_instance->flows_lock); + pthread_rwlock_wrlock(&_ap_instance->flows_lock); + _ap_instance->flows[fd].state = FLOW_NULL; _ap_instance->flows[fd].port_id = -1; rb = _ap_instance->flows[fd].rb; _ap_instance->flows[fd].rb = NULL; - clr_fd(fd); - pthread_rwlock_unlock(&_ap_instance->flows_lock); if (rb != NULL) |