Revision 68e23840d424b9ee403f09dcbdc106327d385ece authored by Konstantin Belousov on 23 January 2010, 19:01:25 UTC, committed by Konstantin Belousov on 23 January 2010, 19:01:25 UTC
The quotactl, statfs and fstatfs syscall implementations may dereference a
NULL pointer to struct mount if the looked up vnode is reclaimed. Also,
these syscalls only mnt_ref() the mp, still allowing it to be unmounted;
only the struct mount memory is kept from being reused.

Lock the vnode when doing name lookup, then reference its mount point,
unlock the vnode and vfs_busy the mountpoint. This sequence shall take
care of both races.

MFC r188141 (by trasz):
In some situations, mnt_lockref could go negative due to vfs_unbusy() being
called without calling vfs_busy() first. This made umount(8) hang waiting
for mnt_lockref to become zero, which would never happen.

MFC r196887:
In fhopen, vfs_ref() the mount point while the vnode is unlocked, to prevent
vn_start_write(NULL, &mp) from operating on a potentially freed or reused
struct mount *.

Remove unmatched vfs_rel() in cleanup.

Approved by:	re (bz)
1 parent d902a89