Date: Thu, 18 Dec 2008 12:01:19 +0000 (UTC)
From: Konstantin Belousov <kib@FreeBSD.org>
To: cvs-src-old@freebsd.org
Subject: cvs commit: src/sys/kern vfs_syscalls.c
Message-ID: <200812181201.mBIC1cMs030080@repoman.freebsd.org>

kib 2008-12-18 12:01:19 UTC
FreeBSD src repository
Modified files:
sys/kern vfs_syscalls.c
Log:
SVN rev 186277 on 2008-12-18 12:01:19Z by kib
The quotactl, statfs and fstatfs syscall implementations may dereference
a NULL pointer to struct mount if the looked up vnode is reclaimed. Also,
these syscalls only mnt_ref() the mp, still allowing it to be unmounted;
only struct mount memory is kept from being reused.

Lock the vnode when doing name lookup, then reference its mount point,
unlock the vnode and vfs_busy the mountpoint. This sequence shall take
care of both races.

Reported and tested by: pho
Discussed with: attilio
MFC after: 1 month

Revision  Changes    Path
1.467     +18 -6     src/sys/kern/vfs_syscalls.c
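
Added example, not part of the commit or of the FreeBSD sources: a user-space C model of the ordering the log describes, showing why a reference alone leaves the unmount race open and why the mount pointer must be checked under the vnode lock. Every toy_* name, the struct layouts and the errno values are assumptions made for this model.

```c
#include <errno.h>
#include <stddef.h>

/* Toy user-space model; every name here is hypothetical, not kernel code. */
struct toy_mount { int ref, busy, mounted; };
struct toy_vnode { int locked; struct toy_mount *v_mount; /* NULL once reclaimed */ };

/* A plain reference only pins the struct memory; only a busy hold blocks unmount. */
static int toy_unmount(struct toy_mount *mp) {
    if (mp->busy > 0) return EBUSY;
    mp->mounted = 0;
    return 0;
}

static int toy_busy(struct toy_mount *mp) {
    if (!mp->mounted) return ENOENT;  /* unmounted while only a reference was held */
    mp->busy++;
    return 0;
}

static void toy_unbusy(struct toy_mount *mp) { mp->busy--; }

/* Order from the log: lock vnode, reference mount, unlock vnode, busy mount. */
static int toy_lookup_busy(struct toy_vnode *vp, struct toy_mount **mpp) {
    struct toy_mount *mp;
    int error;
    vp->locked = 1;              /* lookup hands back a locked vnode */
    mp = vp->v_mount;            /* cannot change while the vnode is locked */
    if (mp == NULL) {            /* reclaimed vnode: fail instead of dereferencing */
        vp->locked = 0;
        return EBADF;            /* errno chosen for this model */
    }
    mp->ref++;                   /* keeps the memory valid across the unlock */
    vp->locked = 0;
    error = toy_busy(mp);
    mp->ref--;                   /* the busy hold, if obtained, replaces the reference */
    if (error == 0) *mpp = mp;
    return error;
}

int main(void) {
    struct toy_mount m = { 0, 0, 1 }, *mp = NULL;
    struct toy_vnode live = { 0, &m }, gone = { 0, NULL };
    int ok = toy_lookup_busy(&gone, &mp) == EBADF && toy_lookup_busy(&live, &mp) == 0
        && toy_unmount(&m) == EBUSY;              /* busy hold blocks the unmount */
    toy_unbusy(&m);
    m.ref++;                                      /* old pattern: reference only */
    return (ok && toy_unmount(&m) == 0) ? 0 : 1;  /* unmount still goes through */
}
```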
