From owner-svn-src-stable-8@FreeBSD.ORG Thu Jun 3 09:15:53 2010 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4EA5A1065675; Thu, 3 Jun 2010 09:15:53 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from svn.freebsd.org (unknown [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 23E198FC1F; Thu, 3 Jun 2010 09:15:53 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id o539FruD029026; Thu, 3 Jun 2010 09:15:53 GMT (envelope-from rwatson@svn.freebsd.org) Received: (from rwatson@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id o539FrjJ029024; Thu, 3 Jun 2010 09:15:53 GMT (envelope-from rwatson@svn.freebsd.org) Message-Id: <201006030915.o539FrjJ029024@svn.freebsd.org> From: Robert Watson Date: Thu, 3 Jun 2010 09:15:53 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r208769 - stable/8/sys/fs/nfsserver X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Jun 2010 09:15:53 -0000 Author: rwatson Date: Thu Jun 3 09:15:52 2010 New Revision: 208769 URL: http://svn.freebsd.org/changeset/base/208769 Log: Merge r205010 from head to stable/8: Update nfsrv_getsocksndseq() for changes in TCP internals since FreeBSD 6.x: - so_pcb is now guaranteed to be non-NULL and valid if a valid socket reference is held. - Need to check INP_TIMEWAIT and INP_DROPPED before assuming inp_ppcb is a tcpcb, as it might be a tcptw or NULL otherwise. - tp can never be NULL by the end of the function, so only check TCPS_ESTABLISHED before extracting tcpcb fields. The NFS server arguably incorporates too many assumptions about TCP internals, but fixing that is left for another day. Reviewed by: bz Reviewed and tested by: rmacklem Sponsored by: Juniper Networks Approved by: re (kib) Modified: stable/8/sys/fs/nfsserver/nfs_nfsdport.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) stable/8/sys/dev/xen/xenpci/ (props changed) stable/8/sys/geom/sched/ (props changed) Modified: stable/8/sys/fs/nfsserver/nfs_nfsdport.c ============================================================================== --- stable/8/sys/fs/nfsserver/nfs_nfsdport.c Thu Jun 3 09:06:50 2010 (r208768) +++ stable/8/sys/fs/nfsserver/nfs_nfsdport.c Thu Jun 3 09:15:52 2010 (r208769) @@ -2674,24 +2674,23 @@ nfsrv_getsocksndseq(struct socket *so, t { struct inpcb *inp; struct tcpcb *tp; - int error = EPIPE; - INP_INFO_RLOCK(&V_tcbinfo); inp = sotoinpcb(so); - if (inp == NULL) { - INP_INFO_RUNLOCK(&V_tcbinfo); - return (error); - } + KASSERT(inp != NULL, ("nfsrv_getsocksndseq: inp == NULL")); INP_RLOCK(inp); - INP_INFO_RUNLOCK(&V_tcbinfo); + if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) { + INP_RUNLOCK(inp); + return (EPIPE); + } tp = intotcpcb(inp); - if (tp != NULL && tp->t_state == TCPS_ESTABLISHED) { - *maxp = tp->snd_max; - *unap = tp->snd_una; - error = 0; + if (tp->t_state != TCPS_ESTABLISHED) { + INP_RUNLOCK(inp); + return (EPIPE); } + *maxp = tp->snd_max; + *unap = tp->snd_una; INP_RUNLOCK(inp); - return (error); + return (0); } /*