From 8b594b45f4b57406cb0ee6f395fcc71d82cbaab6 Mon Sep 17 00:00:00 2001 From: mvs Date: Thu, 13 May 2021 17:02:31 +0000 Subject: [PATCH] Move ktrfds() below fdpunlock(). This fixes lock order issue between vn_lock(9) and fdplock(). Reported-by: syzbot+2300a1bedc425f6f851e@syzkaller.appspotmail.com ok visa@ --- sys/kern/uipc_syscalls.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/sys/kern/uipc_syscalls.c b/sys/kern/uipc_syscalls.c index 6edae42b5a9..4d332ea6f36 100644 --- a/sys/kern/uipc_syscalls.c +++ b/sys/kern/uipc_syscalls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uipc_syscalls.c,v 1.188 2021/03/10 17:03:58 deraadt Exp $ */ +/* $OpenBSD: uipc_syscalls.c,v 1.189 2021/05/13 17:02:31 mvs Exp $ */ /* $NetBSD: uipc_syscalls.c,v 1.19 1996/02/09 19:00:48 christos Exp $ */ /* @@ -465,13 +465,13 @@ sys_socketpair(struct proc *p, void *v, register_t *retval) fp2->f_data = so2; error = copyout(sv, SCARG(uap, rsv), 2 * sizeof (int)); if (error == 0) { + fdinsert(fdp, sv[0], cloexec, fp1); + fdinsert(fdp, sv[1], cloexec, fp2); + fdpunlock(fdp); #ifdef KTRACE if (KTRPOINT(p, KTR_STRUCT)) ktrfds(p, sv, 2); #endif - fdinsert(fdp, sv[0], cloexec, fp1); - fdinsert(fdp, sv[1], cloexec, fp2); - fdpunlock(fdp); FRELE(fp1, p); FRELE(fp2, p); return (0); -- 2.20.1