Author: kib
Date: Thu Dec 21 13:30:56 2017
New Revision: 327059
URL: https://svnweb.freebsd.org/changeset/base/327059
Log:
MFC r326851:
In devfs_lookupx() dotdot lookup case, avoid dereferencing
dvp->v_mount after dvp is unlocked.
Modified:
stable/11/sys/fs/devfs/devfs_vnops.c
Directory Properties:
stable/11/ (props changed)
Modified: stable/11/sys/fs/devfs/devfs_vnops.c
==============================================================================
--- stable/11/sys/fs/devfs/devfs_vnops.c Thu Dec 21 12:21:35 2017
(r327058)
+++ stable/11/sys/fs/devfs/devfs_vnops.c Thu Dec 21 13:30:56 2017
(r327059)
@@ -880,6 +880,7 @@ devfs_lookupx(struct vop_lookup_args *ap, int *dm_unlo
struct devfs_dirent *de, *dd;
struct devfs_dirent **dde;
struct devfs_mount *dmp;
+ struct mount *mp;
struct cdev *cdev;
int error, flags, nameiop, dvplocked;
char specname[SPECNAMELEN + 1], *pname;
@@ -891,7 +892,8 @@ devfs_lookupx(struct vop_lookup_args *ap, int *dm_unlo
td = cnp->cn_thread;
flags = cnp->cn_flags;
nameiop = cnp->cn_nameiop;
- dmp = VFSTODEVFS(dvp->v_mount);
+ mp = dvp->v_mount;
+ dmp = VFSTODEVFS(mp);
dd = dvp->v_data;
*vpp = NULLVP;
@@ -924,8 +926,8 @@ devfs_lookupx(struct vop_lookup_args *ap, int *dm_unlo
return (ENOENT);
dvplocked = VOP_ISLOCKED(dvp);
VOP_UNLOCK(dvp, 0);
- error = devfs_allocv(de, dvp->v_mount,
- cnp->cn_lkflags & LK_TYPE_MASK, vpp);
+ error = devfs_allocv(de, mp, cnp->cn_lkflags & LK_TYPE_MASK,
+ vpp);
*dm_unlock = 0;
vn_lock(dvp, dvplocked | LK_RETRY);
return (error);
@@ -1010,8 +1012,7 @@ devfs_lookupx(struct vop_lookup_args *ap, int *dm_unlo
return (0);
}
}
- error = devfs_allocv(de, dvp->v_mount, cnp->cn_lkflags & LK_TYPE_MASK,
- vpp);
+ error = devfs_allocv(de, mp, cnp->cn_lkflags & LK_TYPE_MASK, vpp);
*dm_unlock = 0;
return (error);
}
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
