NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: kern/41158: nfs_rename() locking against myself
On Wed, Apr 08, 2009 at 08:56:41PM +0200, Manuel Bouyer wrote:
> My proposed fix (see attached patch) it to change nfsm_reply() to use
> a 'error = 0; goto nfsmout' instead of return (0).
> I most use it's equivalent because the function use nfsm_srvdone.
> The place where it matters are:
> nfsrv_create(): it could fix a bug here because we could exit the
> function without vrele(dirp). Someone familiar with the VOP layer
> should confirm that nfsreplyabort: is DTRT in this case (i.e. for all
> calls to nfsm_reply()). There are some places here where a return(0)
> is done without a vrele(dirp), I don't know if it's correct.
> nfsrv_mknod(), nfsrv_symlink(), nfsrv_mkdir(): it's easier because there's
> only 2 calls to nfsm_reply().
> nfsrv_rename(): this is where it's interesting :) I think nfsmout: will
> do it. Could there be a missing VOP_ABORTOP(tond)/vrele(tvp) in
> the nfsmout: case ?
>
> Then there are the macros using nfsm_reply(): nfsm_srvnamesiz is
> always called at the top of the function; it's easy.
> nfsm_srvmtofh() is a bit more difficult because of its use in
> nfsrv_writegather(). nfsm_dissect() is called immediatly after, so using
> the same nfsmout should be OK.
I forgot to mention that I've not seen this panic since I've this
patch on my test NFS server.
--
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
NetBSD: 26 ans d'experience feront toujours la difference
--
Home |
Main Index |
Thread Index |
Old Index