From deffc4a02658a77de8f650f8dfa2177dd0d13b70 Mon Sep 17 00:00:00 2001 From: Mateusz Guzik Date: Fri, 23 Sep 2016 06:51:46 +0000 Subject: [PATCH] fd: fix up fgetvp_rights after r306184 fget_cap_locked returns a referenced file, but the fgetvp_rights does not need it. Instead, due to the filedesc lock being held, it can ref the vnode after the file was looked up. Fix up fget_cap_locked to be consistent with other _locked helpers and not ref the file. This plugs a leak introduced in r306184. Pointy hat to: mjg, oshogbo --- sys/kern/kern_descrip.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c index 31072f1b8660..5c6ac8934416 100644 --- a/sys/kern/kern_descrip.c +++ b/sys/kern/kern_descrip.c @@ -2469,7 +2469,6 @@ fget_cap_locked(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, if (havecapsp != NULL) filecaps_copy(&fde->fde_caps, havecapsp, true); - fhold(fde->fde_file); *fpp = fde->fde_file; error = 0; @@ -2511,6 +2510,8 @@ fget_cap(struct thread *td, int fd, cap_rights_t *needrightsp, get_locked: FILEDESC_SLOCK(fdp); error = fget_cap_locked(fdp, fd, needrightsp, fpp, havecapsp); + if (error == 0) + fhold(*fpp); FILEDESC_SUNLOCK(fdp); return (error);