diff options
author | Alan Somers <asomers@FreeBSD.org> | 2023-07-09 20:48:10 +0000 |
---|---|---|
committer | Alan Somers <asomers@FreeBSD.org> | 2023-07-10 14:13:58 +0000 |
commit | 6c049996ec29bad4a913b019a28f211ab84b0d3d (patch) | |
tree | f862f39f8f91d6f9e1f9a4b862792b61ff7a045b /sys/kern/kern_descrip.c | |
parent | 8ab2da68283b7228f2caa7e7df173d6d46a224f9 (diff) | |
download | src-6c049996ec29bad4a913b019a28f211ab84b0d3d.tar.gz src-6c049996ec29bad4a913b019a28f211ab84b0d3d.zip |
During F_SETFL, don't change file flags on error
Previously, even if the FIONBIO or FIOASYNC ioctl failed, the file's
f_flags variable would still be changed. Now, kern_fcntl will restore
the original flags if the ioctl fails.
PR: 265736
Reported by: Yuval Pavel Zholkover <paulzhol@gmail.com>
MFC after: 2 weeks
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D40955
Diffstat (limited to 'sys/kern/kern_descrip.c')
-rw-r--r-- | sys/kern/kern_descrip.c | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c index 908c3352514b..ad1b86a0c76c 100644 --- a/sys/kern/kern_descrip.c +++ b/sys/kern/kern_descrip.c @@ -495,7 +495,7 @@ kern_fcntl(struct thread *td, int fd, int cmd, intptr_t arg) struct vnode *vp; struct mount *mp; struct kinfo_file *kif; - int error, flg, kif_sz, seals, tmp; + int error, flg, kif_sz, seals, tmp, got_set, got_cleared; uint64_t bsize; off_t foffset; @@ -573,12 +573,12 @@ kern_fcntl(struct thread *td, int fd, int cmd, intptr_t arg) tmp &= ~FCNTLFLAGS; tmp |= FFLAGS(arg & ~O_ACCMODE) & FCNTLFLAGS; } while (atomic_cmpset_int(&fp->f_flag, flg, tmp) == 0); + got_set = tmp & ~flg; + got_cleared = flg & ~tmp; tmp = fp->f_flag & FNONBLOCK; error = fo_ioctl(fp, FIONBIO, &tmp, td->td_ucred, td); - if (error != 0) { - fdrop(fp, td); - break; - } + if (error != 0) + goto revert_f_setfl; tmp = fp->f_flag & FASYNC; error = fo_ioctl(fp, FIOASYNC, &tmp, td->td_ucred, td); if (error == 0) { @@ -588,6 +588,13 @@ kern_fcntl(struct thread *td, int fd, int cmd, intptr_t arg) atomic_clear_int(&fp->f_flag, FNONBLOCK); tmp = 0; (void)fo_ioctl(fp, FIONBIO, &tmp, td->td_ucred, td); +revert_f_setfl: + do { + tmp = flg = fp->f_flag; + tmp &= ~FCNTLFLAGS; + tmp |= got_cleared; + tmp &= ~got_set; + } while (atomic_cmpset_int(&fp->f_flag, flg, tmp) == 0); fdrop(fp, td); break; |