From owner-svn-src-head@FreeBSD.ORG Sat Mar 9 13:25:46 2013 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 3081D632; Sat, 9 Mar 2013 13:25:46 +0000 (UTC) (envelope-from davide@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id 0A94E13F; Sat, 9 Mar 2013 13:25:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.6/8.14.6) with ESMTP id r29DPjN3066320; Sat, 9 Mar 2013 13:25:45 GMT (envelope-from davide@svn.freebsd.org) Received: (from davide@localhost) by svn.freebsd.org (8.14.6/8.14.5/Submit) id r29DPjfS066318; Sat, 9 Mar 2013 13:25:45 GMT (envelope-from davide@svn.freebsd.org) Message-Id: <201303091325.r29DPjfS066318@svn.freebsd.org> From: Davide Italiano Date: Sat, 9 Mar 2013 13:25:45 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r248101 - head/sys/fs/smbfs X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 09 Mar 2013 13:25:46 -0000 Author: davide Date: Sat Mar 9 13:25:45 2013 New Revision: 248101 URL: http://svnweb.freebsd.org/changeset/base/248101 Log: smbfs_lookup() in the DOTDOT case operates on dvp->n_parent without proper locking. This doesn't prevent in any case reclaim of the vnode. Avoid this not going over-the-wire in this case and relying on subsequent smbfs_getattr() call to restore consistency. While I'm here, change a couple of SMBVDEBUG() in MPASS(). sbmfs_smb_lookup() doesn't and shouldn't know about '.' and '..' Reported by: pho's stress2 suite Modified: head/sys/fs/smbfs/smbfs_smb.c head/sys/fs/smbfs/smbfs_vnops.c Modified: head/sys/fs/smbfs/smbfs_smb.c ============================================================================== --- head/sys/fs/smbfs/smbfs_smb.c Sat Mar 9 13:12:12 2013 (r248100) +++ head/sys/fs/smbfs/smbfs_smb.c Sat Mar 9 13:25:45 2013 (r248101) @@ -1455,15 +1455,9 @@ smbfs_smb_lookup(struct smbnode *dnp, co fap->fa_ino = 2; return 0; } - if (nmlen == 1 && name[0] == '.') { - error = smbfs_smb_lookup(dnp, NULL, 0, fap, scred); - return error; - } else if (nmlen == 2 && name[0] == '.' && name[1] == '.') { - error = smbfs_smb_lookup(VTOSMB(dnp->n_parent), NULL, 0, fap, - scred); - printf("%s: knows NOTHING about '..'\n", __func__); - return error; - } + MPASS(!(nmlen == 2 && name[0] == '.' && name[1] == '.')); + MPASS(!(nmlen == 1 && name[0] == '.')); + ASSERT_VOP_ELOCKED(dnp->n_vnode, "smbfs_smb_lookup"); error = smbfs_findopen(dnp, name, nmlen, SMB_FA_SYSTEM | SMB_FA_HIDDEN | SMB_FA_DIR, scred, &ctx); if (error) Modified: head/sys/fs/smbfs/smbfs_vnops.c ============================================================================== --- head/sys/fs/smbfs/smbfs_vnops.c Sat Mar 9 13:12:12 2013 (r248100) +++ head/sys/fs/smbfs/smbfs_vnops.c Sat Mar 9 13:25:45 2013 (r248101) @@ -1204,13 +1204,20 @@ smbfs_lookup(ap) smb_makescred(scred, td, cnp->cn_cred); fap = &fattr; if (flags & ISDOTDOT) { - error = smbfs_smb_lookup(VTOSMB(dnp->n_parent), NULL, 0, fap, - scred); - SMBVDEBUG("result of dotdot lookup: %d\n", error); - } else { - fap = &fattr; + /* + * In the DOTDOT case, don't go over-the-wire + * in order to request attributes. We already + * know it's a directory and subsequent call to + * smbfs_getattr() will restore consistency. + * + */ + SMBVDEBUG("smbfs_smb_lookup: dotdot\n"); + } else if (isdot) { + error = smbfs_smb_lookup(dnp, NULL, 0, fap, scred); + SMBVDEBUG("result of smbfs_smb_lookup: %d\n", error); + } + else { error = smbfs_smb_lookup(dnp, name, nmlen, fap, scred); -/* if (cnp->cn_namelen == 1 && cnp->cn_nameptr[0] == '.')*/ SMBVDEBUG("result of smbfs_smb_lookup: %d\n", error); } if (error && error != ENOENT)