so->so_state is already read without kernel lock inside soo_ioctl()
which calls pru_control() aka in6_control() and in_control().

This leaves the individual ioctl cases as the next places to unlock or push the kernel lock down into.

Feedback? OK?
---
 sys/netinet/in.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/sys/netinet/in.c b/sys/netinet/in.c
index 990aaf84c8a..c44de17d502 100644
--- a/sys/netinet/in.c
+++ b/sys/netinet/in.c
@@ -202,8 +202,6 @@ in_control(struct socket *so, u_long cmd, caddr_t data, 
struct ifnet *ifp)
        int privileged;
        int error;
 
-       KERNEL_LOCK();
-
        privileged = 0;
        if ((so->so_state & SS_PRIV) != 0)
                privileged++;
@@ -212,16 +210,18 @@ in_control(struct socket *so, u_long cmd, caddr_t data, 
struct ifnet *ifp)
 #ifdef MROUTING
        case SIOCGETVIFCNT:
        case SIOCGETSGCNT:
+               KERNEL_LOCK();
                error = mrt_ioctl(so, cmd, data);
+               KERNEL_UNLOCK();
                break;
 #endif /* MROUTING */
        default:
+               KERNEL_LOCK();
                error = in_ioctl(cmd, data, ifp, privileged);
+               KERNEL_UNLOCK();
                break;
        }
 
-       KERNEL_UNLOCK();
-
        return error;
 }
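Review bot: The `privileged` value handed to in_ioctl() in the `default:` case now comes from a read of `so->so_state` made without the kernel lock (the `SS_PRIV` test in the first hunk), and the new code carries no comment saying why that is safe. If SS_PRIV is fixed at socket creation and never changes afterwards, which this patch does not show, a comment above the test would record the invariant: `/* SS_PRIV is set at socket creation and never changes; unlocked read is fine */`. With the lock now taken per case, any case added to this switch later runs unlocked unless its author remembers to lock, so a line above the `switch` such as `/* every case takes KERNEL_LOCK() itself until its callee is MP-safe */` would help. The switch header and the start of in_control() lie outside the hunk.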
 
-- 
2.38.1
