git: 4c6cded21661 - main - fuse_vnop_copy_file_range(): add safety

From: Konstantin Belousov <kib_at_FreeBSD.org>
Date: Thu, 16 Nov 2023 20:11:50 UTC
The branch main has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=4c6cded2166111079c6b5e8b2353171dcc7ed0c4

commit 4c6cded2166111079c6b5e8b2353171dcc7ed0c4
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2023-11-14 22:49:35 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2023-11-16 20:10:31 +0000

    fuse_vnop_copy_file_range(): add safety
    
    v_mount for unlocked vnode could be NULL, check for it.  Explain why it
    is safe to access fs-specific data for mp if it is read as non-NULL.
    
    Reviewed by:    asomers, jah
    Sponsored by:   The FreeBSD Foundation
    MFC after:      1 week
    Differential revision:  https://reviews.freebsd.org/D42625
---
 sys/fs/fuse/fuse_vnops.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sys/fs/fuse/fuse_vnops.c b/sys/fs/fuse/fuse_vnops.c
index aead188276ec..b9e4e48e6dbd 100644
--- a/sys/fs/fuse/fuse_vnops.c
+++ b/sys/fs/fuse/fuse_vnops.c
@@ -861,7 +861,7 @@ fuse_vnop_copy_file_range(struct vop_copy_file_range_args *ap)
 	pid_t pid;
 	int err;
 
-	if (mp != vnode_mount(outvp))
+	if (mp == NULL || mp != vnode_mount(outvp))
 		goto fallback;
 
 	if (incred->cr_uid != outcred->cr_uid)
@@ -870,6 +870,7 @@ fuse_vnop_copy_file_range(struct vop_copy_file_range_args *ap)
 	if (incred->cr_groups[0] != outcred->cr_groups[0])
 		goto fallback;
 
+	/* Caller busied mp, mnt_data can be safely accessed. */
 	if (fsess_not_impl(mp, FUSE_COPY_FILE_RANGE))
 		goto fallback;