Page MenuHomeFreeBSD
Differential D31975

socket: Remove NOFREE from the socket zone
ClosedPublic
Actions

Authored by markj on Sep 15 2021, 7:58 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sep 30 2024, 7:31 AM
Unknown Object (File)
Sep 30 2024, 5:27 AM
Unknown Object (File)
Sep 28 2024, 3:33 PM
Unknown Object (File)
Sep 27 2024, 5:15 PM
Unknown Object (File)
Sep 27 2024, 4:24 PM
Unknown Object (File)
Sep 25 2024, 2:34 PM
Unknown Object (File)
Sep 24 2024, 2:56 AM
Unknown Object (File)
Sep 5 2024, 5:12 AM
View All 55 Files
Subscribers
imp

Details

Reviewers
None
Group Reviewers
network
Commits
rG883761f0a81a: socket: Remove NOFREE from the socket zone
Summary

This flag was added during the transition away from the legacy zone
allocator, commit c897b81311792ccf6a93feff2a405e2ae53f664e. The old
zone allocator effectively provided _NOFREE semantics, but I believe
they are not required for sockets. In particular, we use reference
counting to keep sockets live.

The one case which is kind of weird is sonewconn(), which returns a
pointer to a socket with reference count 0. This socket is still
effectively owned by the listening socket. Protocols must therefore be
careful to synchronize sonewconn() calls with their pru_close
implementations, since for listening sockets soclose() will abort the
child sockets. For example, TCP holds the listening socket's PCB read
locked across the sonewconn() call, which blocks tcp_usr_close().

Eliminating _NOFREE has several benefits: it enables use-after-free
detection (e.g., by KASAN) and lets the system reclaim memory from the
socket zone under memory pressure.

No functional change intended.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
sys/
kern/
2 lines

Diff 95320

View Options

sys/kern/uipc_socket.c

Loading...