From owner-cvs-src-old@FreeBSD.ORG  Sat Nov 29 13:36:59 2008
Return-Path: <owner-cvs-src-old@FreeBSD.ORG>
Delivered-To: cvs-src-old@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 5BB501065675
	for <cvs-src-old@freebsd.org>; Sat, 29 Nov 2008 13:36:59 +0000 (UTC)
	(envelope-from kib@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 535798FC08
	for <cvs-src-old@freebsd.org>; Sat, 29 Nov 2008 13:36:59 +0000 (UTC)
	(envelope-from kib@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id mATDaxcs039514
	for <cvs-src-old@freebsd.org>; Sat, 29 Nov 2008 13:36:59 GMT
	(envelope-from kib@repoman.freebsd.org)
Received: (from svn2cvs@localhost)
	by repoman.freebsd.org (8.14.3/8.14.3/Submit) id mATDaxgY039513
	for cvs-src-old@freebsd.org; Sat, 29 Nov 2008 13:36:59 GMT
	(envelope-from kib@repoman.freebsd.org)
Message-Id: <200811291336.mATDaxgY039513@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: svn2cvs set sender to
	kib@repoman.freebsd.org using -f
From: Konstantin Belousov <kib@FreeBSD.org>
Date: Sat, 29 Nov 2008 13:34:59 +0000 (UTC)
To: cvs-src-old@freebsd.org
X-FreeBSD-CVS-Branch: HEAD
Subject: cvs commit: src/sys/kern vfs_subr.c vfs_syscalls.c
 src/sys/nfsserver nfs_srvsubs.c src/sys/sys mount.h
X-BeenThere: cvs-src-old@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: **OBSOLETE** CVS commit messages for the src tree
	<cvs-src-old.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src-old>
List-Post: <mailto:cvs-src-old@freebsd.org>
List-Help: <mailto:cvs-src-old-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Nov 2008 13:36:59 -0000

kib         2008-11-29 13:34:59 UTC

  FreeBSD src repository

  Modified files:
    sys/kern             vfs_subr.c vfs_syscalls.c 
    sys/nfsserver        nfs_srvsubs.c 
    sys/sys              mount.h 
  Log:
  SVN rev 185432 on 2008-11-29 13:34:59Z by kib
  
  In the nfsrv_fhtovp(), after the vfs_getvfs() function found the pointer
  to the fs, but before a vnode on the fs is locked, unmount may free fs
  structures, causing access to destroyed data and freed memory.
  
  Introduce a vfs_busymp() function that looks up and busies found
  fs while mountlist_mtx is held. Use it in nfsrv_fhtovp() and in the
  implementation of the handle syscalls.
  
  Two other uses of the vfs_getvfs() in the vfs_subr.c, namely in
  sysctl_vfs_ctl and vfs_getnewfsid seems to be ok. In particular,
  sysctl_vfs_ctl is protected by Giant by being a non-sleeping sysctl
  handler, that prevents Giant-locked unmount code to interfere with it.
  
  Noted by:       tegge
  Reviewed by:    dfr
  Tested by:      pho
  MFC after:      1 month
  
  Revision  Changes    Path
  1.749     +26 -0     src/sys/kern/vfs_subr.c
  1.466     +9 -9      src/sys/kern/vfs_syscalls.c
  1.162     +6 -3      src/sys/nfsserver/nfs_srvsubs.c
  1.239     +1 -0      src/sys/sys/mount.h