From owner-svn-src-all@FreeBSD.ORG Tue Dec 21 23:15:40 2010 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E5E03106566B; Tue, 21 Dec 2010 23:15:40 +0000 (UTC) (envelope-from pjd@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id BC24D8FC13; Tue, 21 Dec 2010 23:15:40 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id oBLNFeEs078418; Tue, 21 Dec 2010 23:15:40 GMT (envelope-from pjd@svn.freebsd.org) Received: (from pjd@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id oBLNFeJ7078416; Tue, 21 Dec 2010 23:15:40 GMT (envelope-from pjd@svn.freebsd.org) Message-Id: <201012212315.oBLNFeJ7078416@svn.freebsd.org> From: Pawel Jakub Dawidek Date: Tue, 21 Dec 2010 23:15:40 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r216633 - head/sys/nfsserver X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Dec 2010 23:15:41 -0000 Author: pjd Date: Tue Dec 21 23:15:40 2010 New Revision: 216633 URL: http://svn.freebsd.org/changeset/base/216633 Log: Use newly added NFSRV_FLAG_BUSY flag for nfsrv_fhtovp() to keep mount point busy. This fixes a race where we can pass invalid mount point to VFS_VGET() via vp->v_mount when exported file system was forcibly unmounted between nfsrv_fhtovp() and VFS_VGET(). Reviewed by: kib MFC after: 5 days Modified: head/sys/nfsserver/nfs_serv.c Modified: head/sys/nfsserver/nfs_serv.c ============================================================================== --- head/sys/nfsserver/nfs_serv.c Tue Dec 21 23:12:45 2010 (r216632) +++ head/sys/nfsserver/nfs_serv.c Tue Dec 21 23:15:40 2010 (r216633) @@ -3036,9 +3036,11 @@ nfsrv_readdirplus(struct nfsrv_descript int v3 = (nfsd->nd_flag & ND_NFSV3); int usevget = 1, vfslocked; struct componentname cn; + struct mount *mntp = NULL; nfsdbprintf(("%s %d\n", __FILE__, __LINE__)); vfslocked = 0; + vp_locked = 0; if (!v3) panic("nfsrv_readdirplus: v3 proc called on a v2 connection"); fhp = &nfh.fh_generic; @@ -3058,14 +3060,17 @@ nfsrv_readdirplus(struct nfsrv_descript if (siz > xfer) siz = xfer; fullsiz = siz; - error = nfsrv_fhtovp(fhp, 0, &vp, &vfslocked, nfsd, slp, - nam, &rdonly, TRUE); - vp_locked = 1; - if (!error && vp->v_type != VDIR) { - error = ENOTDIR; - vput(vp); - vp = NULL; - vp_locked = 0; + error = nfsrv_fhtovp(fhp, NFSRV_FLAG_BUSY, &vp, &vfslocked, nfsd, slp, + nam, &rdonly); + if (!error) { + vp_locked = 1; + mntp = vp->v_mount; + if (vp->v_type != VDIR) { + error = ENOTDIR; + vput(vp); + vp = NULL; + vp_locked = 0; + } } if (error) { nfsm_reply(NFSX_UNSIGNED); @@ -3207,8 +3212,8 @@ again: * For readdir_and_lookup get the vnode using * the file number. */ - error = VFS_VGET(vp->v_mount, dp->d_fileno, - LK_SHARED, &nvp); + error = VFS_VGET(mntp, dp->d_fileno, LK_SHARED, + &nvp); if (error != 0 && error != EOPNOTSUPP) { error = 0; goto invalid;