Date:      Wed, 9 Sep 2009 13:28:19 +0000 (UTC)
From:      Konstantin Belousov <kib@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org
Subject:   svn commit: r197041 - in stable/8/sys: . amd64/include/xen cddl/contrib/opensolaris contrib/dev/acpica contrib/pf dev/xen/xenpci kern
Message-ID:  <200909091328.n89DSJkP086878@svn.freebsd.org>

Author: kib
Date: Wed Sep  9 13:28:18 2009
New Revision: 197041
URL: http://svn.freebsd.org/changeset/base/197041

Log:
  MFC r196887:
  In fhopen, vfs_ref() the mount point while vnode is unlocked, to prevent
  vn_start_write(NULL, &mp) from operating on potentially freed or reused
  struct mount *.
  
  Remove unmatched vfs_rel() in cleanup.
  
  Approved by:	re (kensmith)

Modified:
  stable/8/sys/   (props changed)
  stable/8/sys/amd64/include/xen/   (props changed)
  stable/8/sys/cddl/contrib/opensolaris/   (props changed)
  stable/8/sys/contrib/dev/acpica/   (props changed)
  stable/8/sys/contrib/pf/   (props changed)
  stable/8/sys/dev/xen/xenpci/   (props changed)
  stable/8/sys/kern/   (props changed)
  stable/8/sys/kern/vfs_syscalls.c

Modified: stable/8/sys/kern/vfs_syscalls.c
==============================================================================
--- stable/8/sys/kern/vfs_syscalls.c	Wed Sep  9 13:23:26 2009	(r197040)
+++ stable/8/sys/kern/vfs_syscalls.c	Wed Sep  9 13:28:18 2009	(r197041)
@@ -4439,12 +4439,15 @@ fhopen(td, uap)
 			goto bad;
 	}
 	if (fmode & O_TRUNC) {
+		vfs_ref(mp);
 		VOP_UNLOCK(vp, 0);				/* XXX */
 		if ((error = vn_start_write(NULL, &mp, V_WAIT | PCATCH)) != 0) {
 			vrele(vp);
+			vfs_rel(mp);
 			goto out;
 		}
 		vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);	/* XXX */
+		vfs_rel(mp);
 #ifdef MAC
 		/*
 		 * We don't yet have fp->f_cred, so use td->td_ucred, which
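Review bot: the two added vfs_rel(mp) calls in the O_TRUNC block release whatever mp points to after vn_start_write(NULL, &mp, V_WAIT | PCATCH) has been given its address, so they balance the vfs_ref(mp) only if that call leaves mp unchanged. A short comment above vfs_ref(mp) would make this checkable from the code: say that the reference covers the window between VOP_UNLOCK(vp, 0) and vn_lock(), and state whether mp can be rewritten through the pointer. Such a comment could also replace the bare /* XXX */ markers on the unlock and relock lines.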
@@ -4516,7 +4519,6 @@ fhopen(td, uap)
 
 	VOP_UNLOCK(vp, 0);
 	fdrop(fp, td);
-	vfs_rel(mp);
 	VFS_UNLOCK_GIANT(vfslocked);
 	td->td_retval[0] = indx;
 	return (0);
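Review bot: with the vfs_rel(mp) before VFS_UNLOCK_GIANT(vfslocked) removed, the only releases left in this patch are inside the O_TRUNC block, so the error exits need the same audit as this success path. The targets of goto out and goto bad are outside the visible context, and any vfs_rel(mp) still present there would drop a reference that is no longer held once the O_TRUNC block has released it. Naming in the log which vfs_ref() the removed call was assumed to match would help anyone backporting this.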


