From owner-cvs-src-old@FreeBSD.ORG  Sat Jan 23 19:01:42 2010
Return-Path: <owner-cvs-src-old@FreeBSD.ORG>
Delivered-To: cvs-src-old@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B1A80106566B
	for <cvs-src-old@freebsd.org>; Sat, 23 Jan 2010 19:01:42 +0000 (UTC)
	(envelope-from kib@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 9FDA18FC12
	for <cvs-src-old@freebsd.org>; Sat, 23 Jan 2010 19:01:42 +0000 (UTC)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id o0NJ1gVj000125
	for <cvs-src-old@freebsd.org>; Sat, 23 Jan 2010 19:01:42 GMT
	(envelope-from kib@repoman.freebsd.org)
Received: (from svn2cvs@localhost)
	by repoman.freebsd.org (8.14.3/8.14.3/Submit) id o0NJ1gM1000124
	for cvs-src-old@freebsd.org; Sat, 23 Jan 2010 19:01:42 GMT
	(envelope-from kib@repoman.freebsd.org)
Message-Id: <201001231901.o0NJ1gM1000124@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: svn2cvs set sender to
	kib@repoman.freebsd.org using -f
From: Konstantin Belousov <kib@FreeBSD.org>
Date: Sat, 23 Jan 2010 19:01:25 +0000 (UTC)
To: cvs-src-old@freebsd.org
X-FreeBSD-CVS-Branch: RELENG_7
Subject: cvs commit: src/sys/kern vfs_syscalls.c
X-BeenThere: cvs-src-old@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: **OBSOLETE** CVS commit messages for the src tree
	<cvs-src-old.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src-old>
List-Post: <mailto:cvs-src-old@freebsd.org>
List-Help: <mailto:cvs-src-old-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Jan 2010 19:01:42 -0000

kib         2010-01-23 19:01:25 UTC

  FreeBSD src repository

  Modified files:        (Branch: RELENG_7)
    sys/kern             vfs_syscalls.c 
  Log:
  SVN rev 202895 on 2010-01-23 19:01:25Z by kib
  
  MFC r186277:
  The quotactl, statfs and fstatfs syscall implementations may dereference
  NULL pointer to struct mount if the looked up vnode is reclaimed. Also,
  these syscalls only mnt_ref() the mp, still allowing it to be unmounted;
  only struct mount memory is kept from being reused.
  
  Lock the vnode when doing name lookup, then reference its mount point,
  unlock the vnode and vfs_busy the mountpoint. This sequence shall take
  care of both races.
  
  MFC r188141 (by trasz):
  In some situations, mnt_lockref could go negative due to vfs_unbusy() being
  called without calling vfs_busy() first.  This made umount(8) hang waiting
  for mnt_lockref to become zero, which would never happen.
  
  MFC r196887:
  In fhopen, vfs_ref() the mount point while vnode is unlocked, to prevent
  vn_start_write(NULL, &mp) from operating on potentially freed or reused
  struct mount *.
  
  Remove unmatched vfs_rel() in cleanup.
  
  Approved by:    re (bz)
  
  Revision    Changes    Path
  1.443.2.12  +24 -8     src/sys/kern/vfs_syscalls.c