diff options
author | jhb <jhb@FreeBSD.org> | 2009-07-31 13:40:06 +0000 |
---|---|---|
committer | jhb <jhb@FreeBSD.org> | 2009-07-31 13:40:06 +0000 |
commit | 03d158678f1be45d0a053a2a17d0882d192ad011 (patch) | |
tree | 3c0ee46bb65f1cead854a069eba0dc7df6fddee0 | |
parent | ee695c0b4b51fdb522a1706339d3476b2cbe0982 (diff) | |
download | FreeBSD-src-03d158678f1be45d0a053a2a17d0882d192ad011.zip FreeBSD-src-03d158678f1be45d0a053a2a17d0882d192ad011.tar.gz |
Fix some LORs between vnode locks and filedescriptor table locks.
- Don't grab the filedesc lock just to read fd_cmask.
- Drop vnode locks earlier when mounting the root filesystem and before
sanitizing stdin/out/err file descriptors during execve().
Submitted by: kib
Approved by: re (rwatson)
MFC after: 1 week
-rw-r--r-- | sys/fs/unionfs/union_subr.c | 2 | ||||
-rw-r--r-- | sys/kern/kern_exec.c | 2 | ||||
-rw-r--r-- | sys/kern/vfs_mount.c | 9 | ||||
-rw-r--r-- | sys/kern/vfs_syscalls.c | 8 |
4 files changed, 6 insertions, 15 deletions
diff --git a/sys/fs/unionfs/union_subr.c b/sys/fs/unionfs/union_subr.c index bfcbdcd..0791d2e 100644 --- a/sys/fs/unionfs/union_subr.c +++ b/sys/fs/unionfs/union_subr.c @@ -486,9 +486,7 @@ unionfs_create_uppervattr_core(struct unionfs_mount *ump, } break; default: /* UNIONFS_TRADITIONAL */ - FILEDESC_SLOCK(td->td_proc->p_fd); uva->va_mode = 0777 & ~td->td_proc->p_fd->fd_cmask; - FILEDESC_SUNLOCK(td->td_proc->p_fd); uva->va_uid = ump->um_uid; uva->va_gid = ump->um_gid; break; diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index 663ab64..e770d07 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -673,8 +673,8 @@ interpret: * allocate memory, so temporarily drop the process lock. */ PROC_UNLOCK(p); - setugidsafety(td); VOP_UNLOCK(imgp->vp, 0); + setugidsafety(td); error = fdcheckstd(td); vn_lock(imgp->vp, LK_EXCLUSIVE | LK_RETRY); if (error != 0) diff --git a/sys/kern/vfs_mount.c b/sys/kern/vfs_mount.c index f304ec6..15899ce 100644 --- a/sys/kern/vfs_mount.c +++ b/sys/kern/vfs_mount.c @@ -1069,9 +1069,10 @@ vfs_domount( vfs_event_signal(NULL, VQ_MOUNT, 0); if (VFS_ROOT(mp, LK_EXCLUSIVE, &newdp)) panic("mount: lost mount"); - mountcheckdirs(vp, newdp); - vput(newdp); + VOP_UNLOCK(newdp, 0); VOP_UNLOCK(vp, 0); + mountcheckdirs(vp, newdp); + vrele(newdp); if ((mp->mnt_flag & MNT_RDONLY) == 0) error = vfs_allocate_syncvnode(mp); vfs_unbusy(mp); @@ -1480,6 +1481,8 @@ set_rootvnode() if (VFS_ROOT(TAILQ_FIRST(&mountlist), LK_EXCLUSIVE, &rootvnode)) panic("Cannot find root vnode"); + VOP_UNLOCK(rootvnode, 0); + p = curthread->td_proc; FILEDESC_XLOCK(p->p_fd); @@ -1495,8 +1498,6 @@ set_rootvnode() FILEDESC_XUNLOCK(p->p_fd); - VOP_UNLOCK(rootvnode, 0); - EVENTHANDLER_INVOKE(mountroot); } diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index d24926b..f5705f9 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -1307,10 +1307,8 @@ restart: return (EEXIST); } else { VATTR_NULL(&vattr); - FILEDESC_SLOCK(td->td_proc->p_fd); vattr.va_mode = (mode & ALLPERMS) & ~td->td_proc->p_fd->fd_cmask; - FILEDESC_SUNLOCK(td->td_proc->p_fd); vattr.va_rdev = dev; whiteout = 0; @@ -1442,9 +1440,7 @@ restart: } VATTR_NULL(&vattr); vattr.va_type = VFIFO; - FILEDESC_SLOCK(td->td_proc->p_fd); vattr.va_mode = (mode & ALLPERMS) & ~td->td_proc->p_fd->fd_cmask; - FILEDESC_SUNLOCK(td->td_proc->p_fd); #ifdef MAC error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd, &vattr); @@ -1705,9 +1701,7 @@ restart: goto restart; } VATTR_NULL(&vattr); - FILEDESC_SLOCK(td->td_proc->p_fd); vattr.va_mode = ACCESSPERMS &~ td->td_proc->p_fd->fd_cmask; - FILEDESC_SUNLOCK(td->td_proc->p_fd); #ifdef MAC vattr.va_type = VLNK; error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd, @@ -3773,9 +3767,7 @@ restart: } VATTR_NULL(&vattr); vattr.va_type = VDIR; - FILEDESC_SLOCK(td->td_proc->p_fd); vattr.va_mode = (mode & ACCESSPERMS) &~ td->td_proc->p_fd->fd_cmask; - FILEDESC_SUNLOCK(td->td_proc->p_fd); #ifdef MAC error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd, &vattr); |