Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris...

[linux-2.6] / net / unix / af_unix.c

diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 453ede86a65b102fde3fbf857cea94ceca850969..65ebccc0a698f31fff7de9c3fa7eebd3689e5969 100644 (file)
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -592,7 +592,8 @@ static struct sock * unix_create1(struct socket *sock)
        u->dentry = NULL;
        u->mnt    = NULL;
        spin_lock_init(&u->lock);
-       atomic_set(&u->inflight, sock ? 0 : -1);
+       atomic_set(&u->inflight, 0);
+       INIT_LIST_HEAD(&u->link);
        mutex_init(&u->readlock); /* single task reading lock */
        init_waitqueue_head(&u->peer_wait);
        unix_insert_socket(unix_sockets_unbound, sk);
@@ -858,6 +859,31 @@ out_mknod_parent:
        goto out_up;
 }
 
+static void unix_state_double_lock(struct sock *sk1, struct sock *sk2)
+{
+       if (unlikely(sk1 == sk2) || !sk2) {
+               unix_state_lock(sk1);
+               return;
+       }
+       if (sk1 < sk2) {
+               unix_state_lock(sk1);
+               unix_state_lock_nested(sk2);
+       } else {
+               unix_state_lock(sk2);
+               unix_state_lock_nested(sk1);
+       }
+}
+
+static void unix_state_double_unlock(struct sock *sk1, struct sock *sk2)
+{
+       if (unlikely(sk1 == sk2) || !sk2) {
+               unix_state_unlock(sk1);
+               return;
+       }
+       unix_state_unlock(sk1);
+       unix_state_unlock(sk2);
+}
+
 static int unix_dgram_connect(struct socket *sock, struct sockaddr *addr,
                              int alen, int flags)
 {
@@ -877,11 +903,19 @@ static int unix_dgram_connect(struct socket *sock, struct sockaddr *addr,
                    !unix_sk(sk)->addr && (err = unix_autobind(sock)) != 0)
                        goto out;
 
+restart:
                other=unix_find_other(sunaddr, alen, sock->type, hash, &err);
                if (!other)
                        goto out;
 
-               unix_state_lock(sk);
+               unix_state_double_lock(sk, other);
+
+               /* Apparently VFS overslept socket death. Retry. */
+               if (sock_flag(other, SOCK_DEAD)) {
+                       unix_state_double_unlock(sk, other);
+                       sock_put(other);
+                       goto restart;
+               }
 
                err = -EPERM;
                if (!unix_may_send(sk, other))
@@ -896,7 +930,7 @@ static int unix_dgram_connect(struct socket *sock, struct sockaddr *addr,
                 *      1003.1g breaking connected state with AF_UNSPEC
                 */
                other = NULL;
-               unix_state_lock(sk);
+               unix_state_double_lock(sk, other);
        }
 
        /*
@@ -905,19 +939,19 @@ static int unix_dgram_connect(struct socket *sock, struct sockaddr *addr,
        if (unix_peer(sk)) {
                struct sock *old_peer = unix_peer(sk);
                unix_peer(sk)=other;
-               unix_state_unlock(sk);
+               unix_state_double_unlock(sk, other);
 
                if (other != old_peer)
                        unix_dgram_disconnected(sk, old_peer);
                sock_put(old_peer);
        } else {
                unix_peer(sk)=other;
-               unix_state_unlock(sk);
+               unix_state_double_unlock(sk, other);
        }
        return 0;
 
 out_unlock:
-       unix_state_unlock(sk);
+       unix_state_double_unlock(sk, other);
        sock_put(other);
 out:
        return err;
@@ -1101,9 +1135,6 @@ restart:
        /* take ten and and send info to listening sock */
        spin_lock(&other->sk_receive_queue.lock);
        __skb_queue_tail(&other->sk_receive_queue, skb);
-       /* Undo artificially decreased inflight after embrion
-        * is installed to listening socket. */
-       atomic_inc(&newu->inflight);
        spin_unlock(&other->sk_receive_queue.lock);
        unix_state_unlock(other);
        other->sk_data_ready(other, 0);
@@ -1711,20 +1742,23 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock,
                int chunk;
                struct sk_buff *skb;
 
+               unix_state_lock(sk);
                skb = skb_dequeue(&sk->sk_receive_queue);
                if (skb==NULL)
                {
                        if (copied >= target)
-                               break;
+                               goto unlock;
 
                        /*
                         *      POSIX 1003.1g mandates this order.
                         */
 
                        if ((err = sock_error(sk)) != 0)
-                               break;
+                               goto unlock;
                        if (sk->sk_shutdown & RCV_SHUTDOWN)
-                               break;
+                               goto unlock;
+
+                       unix_state_unlock(sk);
                        err = -EAGAIN;
                        if (!timeo)
                                break;
@@ -1738,7 +1772,11 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock,
                        }
                        mutex_lock(&u->readlock);
                        continue;
+ unlock:
+                       unix_state_unlock(sk);
+                       break;
                }
+               unix_state_unlock(sk);
 
                if (check_creds) {
                        /* Never glue messages from different writers */
@@ -2008,7 +2046,7 @@ static int unix_seq_show(struct seq_file *seq, void *v)
        return 0;
 }
 
-static struct seq_operations unix_seq_ops = {
+static const struct seq_operations unix_seq_ops = {
        .start  = unix_seq_start,
        .next   = unix_seq_next,
        .stop   = unix_seq_stop,