From 9cf4e548dcbe6d865fcbcd97381cbcbf79ae3f25 Mon Sep 17 00:00:00 2001
From: mvs
Date: Thu, 12 Jan 2023 10:59:36 +0000
Subject: [PATCH] Use solock() instead solock_shared() within sys_getsockopt(). Otherwise we acquiring kernel lock with mutex(9) held.

This partially reverts rev 1.205 of sys/kern/uipc_syscalls.c. Shared solock() is still fine for getsockname(2) and getpeername(2).

Reported-by: syzbot+00a4824cb1b6a214c7d6@syzkaller.appspotmail.com

ok kn@ claudio@
---
 sys/kern/uipc_syscalls.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/sys/kern/uipc_syscalls.c b/sys/kern/uipc_syscalls.c
index 395f0a20c26..37ee487ead6 100644
--- a/sys/kern/uipc_syscalls.c
+++ b/sys/kern/uipc_syscalls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: uipc_syscalls.c,v 1.207 2022/12/07 01:02:28 deraadt Exp $ */
+/* $OpenBSD: uipc_syscalls.c,v 1.208 2023/01/12 10:59:36 mvs Exp $ */
 /* $NetBSD: uipc_syscalls.c,v 1.19 1996/02/09 19:00:48 christos Exp $ */
 
 /*
@@ -1271,9 +1271,9 @@ sys_getsockopt(struct proc *p, void *v, register_t *retval)
 valsize = 0;
 m = m_get(M_WAIT, MT_SOOPTS);
 so = fp->f_data;
- solock_shared(so);
+ solock(so);
 error = sogetopt(so, SCARG(uap, level), SCARG(uap, name), m);
- sounlock_shared(so);
+ sounlock(so);
 if (error == 0 && SCARG(uap, val) && valsize && m != NULL) {
 if (valsize > m->m_len)
 valsize = m->m_len;
-- 
2.20.1
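Review bot: The new `solock(so);` call in the sys_getsockopt() hunk has no comment explaining why the exclusive lock is required. The commit message calls this a partial revert of rev 1.205, so the line has already been converted to `solock_shared()` once, and a later locking cleanup could repeat that. Going only by the commit message, the shared variant holds a mutex(9) while the sogetopt() path acquires the kernel lock; I would record that next to the call, for example `/* sogetopt() may take the kernel lock; solock_shared() would hold a mutex(9) across it */`. The body of sys_getsockopt() starts and ends outside the hunk, so other lock-order constraints in the function are not visible here.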