Lock leakage on rename if vop->vop_rename is NULL (kern/107439)
Kostik Belousov
kostikbel at gmail.com
Fri Apr 2 09:04:06 UTC 2010
[Do not want to get "YOU ARE NOT IN WHITELIST" garbage]
On Fri, Apr 02, 2010 at 10:10:02AM +0300, Mikolaj Golub wrote:
> Hi,
>
> Could somebody look at kern/107439? Although the pr is closed the issue still
> persists: if a file system does not provide vop_rename the vop_bypass() is
> called and the vnods, which are expected to be unlocked in VOP_RENAME(), are
> left locked.
>
> I have attached there the patch that solves the problem but I am not confident
> about the solution.
Patch seems to be eaten by unnamed daemon, but survived in the PR log.
I think that ap->ap_tvp should be handled too.
Anyway, I assume that the proper solution there would be to implement
default vop_rename that is in fact identical to deadfs_rename(). The
later exists exactly to handle a very similar situation.
Please test the patch below. If it works for you, I will combine
deadfs_rename() and vop_norename().
Thanks for the report and patch.
diff --git a/sys/kern/vfs_default.c b/sys/kern/vfs_default.c
index 50bf0d2..7e278a5 100644
--- a/sys/kern/vfs_default.c
+++ b/sys/kern/vfs_default.c
@@ -67,6 +67,7 @@ __FBSDID("$FreeBSD$");
#include <vm/vnode_pager.h>
static int vop_nolookup(struct vop_lookup_args *);
+static int vop_norename(struct vop_rename_args *);
static int vop_nostrategy(struct vop_strategy_args *);
static int get_next_dirent(struct vnode *vp, struct dirent **dpp,
char *dirbuf, int dirbuflen, off_t *off,
@@ -113,6 +114,7 @@ struct vop_vector default_vnodeops = {
.vop_poll = vop_nopoll,
.vop_putpages = vop_stdputpages,
.vop_readlink = VOP_EINVAL,
+ .vop_rename = vop_norename,
.vop_revoke = VOP_PANIC,
.vop_strategy = vop_nostrategy,
.vop_unlock = vop_stdunlock,
@@ -206,6 +208,27 @@ vop_nolookup(ap)
}
/*
+ * vop_norename:
+ *
+ * Handle unlock and reference counting for arguments of vop_rename
+ * for filesystems that do not implement rename operation.
+ */
+static int
+vop_norename(struct vop_rename_args *ap)
+{
+
+ if (ap->a_tvp != NULL)
+ vput(ap->a_tvp);
+ if (ap->a_tdvp == ap->a_tvp)
+ vrele(ap->a_tdvp);
+ else
+ vput(ap->a_tdvp);
+ vrele(ap->a_fdvp);
+ vrele(ap->a_fvp);
+ return (EOPNOTSUPP);
+}
+
+/*
* vop_nostrategy:
*
* Strategy routine for VFS devices that have none.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-fs/attachments/20100402/4ce36308/attachment.pgp
More information about the freebsd-fs
mailing list