svn commit: r224778 - in head: sys/amd64/linux32 sys/cddl/compat/opensolaris/sys sys/compat/freebsd32 sys/compat/linux sys/compat/svr4 sys/dev/aac sys/dev/amr sys/dev/hwpmc sys/dev/ipmi sys/dev/isc...

Jonathan Anderson jonathan at FreeBSD.org
Tue Aug 16 14:22:33 UTC 2011 

It looks like r224086 added "goto out" error handling, so our "return
(error)" seems to be a merge conflict.

Sorry, I'll ask RE if I can fix that right now.


Jon

On 16 August 2011 13:29, Jaakko Heinonen <jh at freebsd.org> wrote:
>
> Hi,
>
> On 2011-08-11, Robert Watson wrote:
>>   Second-to-last commit implementing Capsicum capabilities in the FreeBSD
>>   kernel for FreeBSD 9.0:
>
> This commit seems to have broken nfsd for me.
>
>> Modified: head/sys/fs/nfsserver/nfs_nfsdport.c
>> ==============================================================================
>> --- head/sys/fs/nfsserver/nfs_nfsdport.c      Thu Aug 11 11:30:21 2011        (r224777)
>> +++ head/sys/fs/nfsserver/nfs_nfsdport.c      Thu Aug 11 12:30:23 2011        (r224778)
>> @@ -3027,8 +3029,14 @@ nfssvc_nfsd(struct thread *td, struct nf
>>               error = copyin(uap->argp, (caddr_t)&sockarg, sizeof (sockarg));
>>               if (error)
>>                       goto out;
>> -             if ((error = fget(td, sockarg.sock, &fp)) != 0)
>> +             /*
>> +              * Since we don't know what rights might be required,
>> +              * pretend that we need them all. It is better to be too
>> +              * careful than too reckless.
>> +              */
>> +             if ((error = fget(td, sockarg.sock, CAP_SOCK_ALL, &fp)) != 0)
>>                       goto out;
>> +                     return (error);
>
> This for sure can't be correct. With the patch below nfsd seems to work
> again for me.
>
> %%%
> Index: sys/fs/nfsserver/nfs_nfsdport.c
> ===================================================================
> --- sys/fs/nfsserver/nfs_nfsdport.c     (revision 224908)
> +++ sys/fs/nfsserver/nfs_nfsdport.c     (working copy)
> @@ -3036,7 +3036,6 @@ nfssvc_nfsd(struct thread *td, struct nf
>                 */
>                if ((error = fget(td, sockarg.sock, CAP_SOCK_ALL, &fp)) != 0)
>                        goto out;
> -                       return (error);
>                if (fp->f_type != DTYPE_SOCKET) {
>                        fdrop(fp, td);
>                        error = EPERM;
> %%%
>
> --
> Jaakko
>



-- 
Jonathan Anderson

jonathan at FreeBSD.org
http://freebsd.org/~jonathan/

More information about the svn-src-all mailing list