Moved the fsnode MALLOC to before the call to getnewvnode() so that the
process won't possibly block before filling in the fsnode pointer (v_data) which might be dereferenced during a sync since the vnode is put on the mnt_vnodelist by getnewvnode. Pointed out by Matt Day <mday@artisoft.com>
This commit is contained in:
David Greenman
parent
74ae43213c
commit
2f9bae59d6
@ -35,7 +35,7 @@
|
||||
*
|
||||
* @(#)fdesc_vnops.c 8.9 (Berkeley) 1/21/94
|
||||
*
|
||||
* $Id: fdesc_vnops.c,v 1.14 1995/12/05 19:12:05 bde Exp $
|
||||
* $Id: fdesc_vnops.c,v 1.15 1995/12/08 11:17:40 julian Exp $
|
||||
*/
|
||||
|
||||
/*
|
||||
@ -170,10 +170,18 @@ fdesc_allocvp(ftype, ix, mp, vpp)
|
||||
}
|
||||
fdcache_lock |= FDL_LOCKED;
|
||||
|
||||
/*
|
||||
* Do the MALLOC before the getnewvnode since doing so afterward
|
||||
* might cause a bogus v_data pointer to get dereferenced
|
||||
* elsewhere if MALLOC should block.
|
||||
*/
|
||||
MALLOC(fd, struct fdescnode *, sizeof(struct fdescnode), M_TEMP, M_WAITOK);
|
||||
|
||||
error = getnewvnode(VT_FDESC, mp, fdesc_vnodeop_p, vpp);
|
||||
if (error)
|
||||
if (error) {
|
||||
FREE(fd, M_TEMP);
|
||||
goto out;
|
||||
MALLOC(fd, void *, sizeof(struct fdescnode), M_TEMP, M_WAITOK);
|
||||
}
|
||||
(*vpp)->v_data = fd;
|
||||
fd->fd_vnode = *vpp;
|
||||
fd->fd_type = ftype;
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $Id: msdosfs_denode.c,v 1.15 1995/12/07 12:47:19 davidg Exp $ */
|
||||
/* $Id: msdosfs_denode.c,v 1.16 1996/01/19 03:58:42 dyson Exp $ */
|
||||
/* $NetBSD: msdosfs_denode.c,v 1.9 1994/08/21 18:44:00 ws Exp $ */
|
||||
|
||||
/*-
|
||||
@ -225,6 +225,12 @@ deget(pmp, dirclust, diroffset, direntptr, depp)
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Do the MALLOC before the getnewvnode since doing so afterward
|
||||
* might cause a bogus v_data pointer to get dereferenced
|
||||
* elsewhere if MALLOC should block.
|
||||
*/
|
||||
MALLOC(ldep, struct denode *, sizeof(struct denode), M_MSDOSFSNODE, M_WAITOK);
|
||||
|
||||
/*
|
||||
* Directory entry was not in cache, have to create a vnode and
|
||||
@ -233,10 +239,10 @@ deget(pmp, dirclust, diroffset, direntptr, depp)
|
||||
/* getnewvnode() does a VREF() on the vnode */
|
||||
error = getnewvnode(VT_MSDOSFS, mntp, msdosfs_vnodeop_p, &nvp);
|
||||
if (error) {
|
||||
*depp = 0;
|
||||
*depp = NULL;
|
||||
FREE(ldep, M_MSDOSFSNODE);
|
||||
return error;
|
||||
}
|
||||
MALLOC(ldep, struct denode *, sizeof(struct denode), M_MSDOSFSNODE, M_WAITOK);
|
||||
bzero((caddr_t)ldep, sizeof *ldep);
|
||||
nvp->v_data = ldep;
|
||||
ldep->de_vnode = nvp;
|
||||
|
||||
@ -35,7 +35,7 @@
|
||||
*
|
||||
* @(#)null_subr.c 8.4 (Berkeley) 1/21/94
|
||||
*
|
||||
* $Id: null_subr.c,v 1.4 1995/12/03 14:38:49 bde Exp $
|
||||
* $Id: null_subr.c,v 1.5 1995/12/03 14:54:22 bde Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -162,12 +162,20 @@ null_node_alloc(mp, lowervp, vpp)
|
||||
struct vnode *othervp, *vp;
|
||||
int error;
|
||||
|
||||
/*
|
||||
* Do the MALLOC before the getnewvnode since doing so afterward
|
||||
* might cause a bogus v_data pointer to get dereferenced
|
||||
* elsewhere if MALLOC should block.
|
||||
*/
|
||||
MALLOC(xp, struct null_node *, sizeof(struct null_node), M_TEMP, M_WAITOK);
|
||||
|
||||
error = getnewvnode(VT_NULL, mp, null_vnodeop_p, vpp);
|
||||
if (error)
|
||||
if (error) {
|
||||
FREE(xp, M_TEMP);
|
||||
return (error);
|
||||
}
|
||||
vp = *vpp;
|
||||
|
||||
MALLOC(xp, struct null_node *, sizeof(struct null_node), M_TEMP, M_WAITOK);
|
||||
vp->v_type = lowervp->v_type;
|
||||
xp->null_vnode = vp;
|
||||
vp->v_data = xp;
|
||||
|
||||
@ -35,7 +35,7 @@
|
||||
*
|
||||
* @(#)portal_vfsops.c 8.6 (Berkeley) 1/21/94
|
||||
*
|
||||
* $Id: portal_vfsops.c,v 1.9 1995/11/16 11:24:06 bde Exp $
|
||||
* $Id: portal_vfsops.c,v 1.10 1995/12/11 09:24:43 phk Exp $
|
||||
*/
|
||||
|
||||
/*
|
||||
@ -105,6 +105,7 @@ portal_mount(mp, path, data, ndp, p)
|
||||
struct portalmount *fmp;
|
||||
struct socket *so;
|
||||
struct vnode *rvp;
|
||||
struct portalnode *pn;
|
||||
u_int size;
|
||||
int error;
|
||||
|
||||
@ -125,14 +126,20 @@ portal_mount(mp, path, data, ndp, p)
|
||||
if (so->so_proto->pr_domain->dom_family != AF_UNIX)
|
||||
return (ESOCKTNOSUPPORT);
|
||||
|
||||
error = getnewvnode(VT_PORTAL, mp, portal_vnodeop_p, &rvp); /* XXX */
|
||||
if (error)
|
||||
return (error);
|
||||
MALLOC(rvp->v_data, void *, sizeof(struct portalnode),
|
||||
MALLOC(pn, struct portalnode *, sizeof(struct portalnode),
|
||||
M_TEMP, M_WAITOK);
|
||||
|
||||
fmp = (struct portalmount *) malloc(sizeof(struct portalmount),
|
||||
M_UFSMNT, M_WAITOK); /* XXX */
|
||||
MALLOC(fmp, struct portalmount *, sizeof(struct portalmount),
|
||||
M_UFSMNT, M_WAITOK); /* XXX */
|
||||
|
||||
error = getnewvnode(VT_PORTAL, mp, portal_vnodeop_p, &rvp); /* XXX */
|
||||
if (error) {
|
||||
FREE(fmp, M_UFSMNT);
|
||||
FREE(pn, M_TEMP);
|
||||
return (error);
|
||||
}
|
||||
|
||||
rvp->v_data = pn;
|
||||
rvp->v_type = VDIR;
|
||||
rvp->v_flag |= VROOT;
|
||||
VTOPORTAL(rvp)->pt_arg = 0;
|
||||
|
||||
@ -35,7 +35,7 @@
|
||||
*
|
||||
* @(#)portal_vnops.c 8.8 (Berkeley) 1/21/94
|
||||
*
|
||||
* $Id: portal_vnops.c,v 1.10 1995/12/11 09:24:45 phk Exp $
|
||||
* $Id: portal_vnops.c,v 1.11 1996/02/13 18:16:25 wollman Exp $
|
||||
*/
|
||||
|
||||
/*
|
||||
@ -126,15 +126,21 @@ portal_lookup(ap)
|
||||
return (0);
|
||||
}
|
||||
|
||||
|
||||
error = getnewvnode(VT_PORTAL, ap->a_dvp->v_mount, portal_vnodeop_p, &fvp);
|
||||
if (error)
|
||||
goto bad;
|
||||
fvp->v_type = VREG;
|
||||
MALLOC(fvp->v_data, void *, sizeof(struct portalnode),
|
||||
/*
|
||||
* Do the MALLOC before the getnewvnode since doing so afterward
|
||||
* might cause a bogus v_data pointer to get dereferenced
|
||||
* elsewhere if MALLOC should block.
|
||||
*/
|
||||
MALLOC(pt, struct portalnode *, sizeof(struct portalnode),
|
||||
M_TEMP, M_WAITOK);
|
||||
|
||||
pt = VTOPORTAL(fvp);
|
||||
error = getnewvnode(VT_PORTAL, ap->a_dvp->v_mount, portal_vnodeop_p, &fvp);
|
||||
if (error) {
|
||||
FREE(pt, M_TEMP);
|
||||
goto bad;
|
||||
}
|
||||
fvp->v_type = VREG;
|
||||
fvp->v_data = pt;
|
||||
/*
|
||||
* Save all of the remaining pathname and
|
||||
* advance the namei next pointer to the end
|
||||
|
||||
@ -36,7 +36,7 @@
|
||||
*
|
||||
* @(#)procfs_subr.c 8.4 (Berkeley) 1/27/94
|
||||
*
|
||||
* $Id: procfs_subr.c,v 1.4 1995/04/15 02:30:12 davidg Exp $
|
||||
* $Id: procfs_subr.c,v 1.5 1995/05/30 08:07:11 rgrimes Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -111,14 +111,20 @@ procfs_allocvp(mp, vpp, pid, pfs_type)
|
||||
}
|
||||
pfsvplock |= PROCFS_LOCKED;
|
||||
|
||||
/*
|
||||
* Do the MALLOC before the getnewvnode since doing so afterward
|
||||
* might cause a bogus v_data pointer to get dereferenced
|
||||
* elsewhere if MALLOC should block.
|
||||
*/
|
||||
MALLOC(pfs, struct pfsnode *, sizeof(struct pfsnode), M_TEMP, M_WAITOK);
|
||||
|
||||
error = getnewvnode(VT_PROCFS, mp, procfs_vnodeop_p, vpp);
|
||||
if (error)
|
||||
if (error) {
|
||||
FREE(pfs, M_TEMP);
|
||||
goto out;
|
||||
}
|
||||
|
||||
MALLOC((*vpp)->v_data, void *, sizeof(struct pfsnode),
|
||||
M_TEMP, M_WAITOK);
|
||||
|
||||
pfs = VTOPFS(*vpp);
|
||||
(*vpp)->v_data = pfs;
|
||||
pfs->pfs_next = 0;
|
||||
pfs->pfs_pid = (pid_t) pid;
|
||||
pfs->pfs_type = pfs_type;
|
||||
|
||||
@ -35,7 +35,7 @@
|
||||
*
|
||||
* @(#)umap_subr.c 8.6 (Berkeley) 1/26/94
|
||||
*
|
||||
* $Id: umap_subr.c,v 1.5 1995/12/03 14:38:57 bde Exp $
|
||||
* $Id: umap_subr.c,v 1.6 1995/12/03 14:54:39 bde Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -222,13 +222,23 @@ umap_node_alloc(mp, lowervp, vpp)
|
||||
struct vnode *othervp, *vp;
|
||||
int error;
|
||||
|
||||
error = getnewvnode(VT_UMAP, mp, umap_vnodeop_p, vpp);
|
||||
if (error)
|
||||
return (error);
|
||||
vp = *vpp;
|
||||
/* XXX This routine probably needs a node_alloc lock */
|
||||
|
||||
/*
|
||||
* Do the MALLOC before the getnewvnode since doing so afterward
|
||||
* might cause a bogus v_data pointer to get dereferenced
|
||||
* elsewhere if MALLOC should block.
|
||||
*/
|
||||
MALLOC(xp, struct umap_node *, sizeof(struct umap_node),
|
||||
M_TEMP, M_WAITOK);
|
||||
|
||||
error = getnewvnode(VT_UMAP, mp, umap_vnodeop_p, vpp);
|
||||
if (error) {
|
||||
FREE(xp, M_TEMP);
|
||||
return (error);
|
||||
}
|
||||
vp = *vpp;
|
||||
|
||||
vp->v_type = lowervp->v_type;
|
||||
xp->umap_vnode = vp;
|
||||
vp->v_data = xp;
|
||||
|
||||
@ -35,7 +35,7 @@
|
||||
*
|
||||
* @(#)fdesc_vnops.c 8.9 (Berkeley) 1/21/94
|
||||
*
|
||||
* $Id: fdesc_vnops.c,v 1.14 1995/12/05 19:12:05 bde Exp $
|
||||
* $Id: fdesc_vnops.c,v 1.15 1995/12/08 11:17:40 julian Exp $
|
||||
*/
|
||||
|
||||
/*
|
||||
@ -170,10 +170,18 @@ fdesc_allocvp(ftype, ix, mp, vpp)
|
||||
}
|
||||
fdcache_lock |= FDL_LOCKED;
|
||||
|
||||
/*
|
||||
* Do the MALLOC before the getnewvnode since doing so afterward
|
||||
* might cause a bogus v_data pointer to get dereferenced
|
||||
* elsewhere if MALLOC should block.
|
||||
*/
|
||||
MALLOC(fd, struct fdescnode *, sizeof(struct fdescnode), M_TEMP, M_WAITOK);
|
||||
|
||||
error = getnewvnode(VT_FDESC, mp, fdesc_vnodeop_p, vpp);
|
||||
if (error)
|
||||
if (error) {
|
||||
FREE(fd, M_TEMP);
|
||||
goto out;
|
||||
MALLOC(fd, void *, sizeof(struct fdescnode), M_TEMP, M_WAITOK);
|
||||
}
|
||||
(*vpp)->v_data = fd;
|
||||
fd->fd_vnode = *vpp;
|
||||
fd->fd_type = ftype;
|
||||
|
||||
@ -34,7 +34,7 @@
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#)kernfs_vfsops.c 8.4 (Berkeley) 1/21/94
|
||||
* $Id: kernfs_vfsops.c,v 1.12 1995/12/13 15:13:28 julian Exp $
|
||||
* $Id: kernfs_vfsops.c,v 1.13 1995/12/14 18:26:55 julian Exp $
|
||||
*/
|
||||
|
||||
/*
|
||||
@ -165,12 +165,15 @@ kernfs_mount(mp, path, data, ndp, p)
|
||||
if (mp->mnt_flag & MNT_UPDATE)
|
||||
return (EOPNOTSUPP);
|
||||
|
||||
error = getnewvnode(VT_KERNFS, mp, kernfs_vnodeop_p, &rvp); /* XXX */
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
MALLOC(fmp, struct kernfs_mount *, sizeof(struct kernfs_mount),
|
||||
M_UFSMNT, M_WAITOK); /* XXX */
|
||||
|
||||
error = getnewvnode(VT_KERNFS, mp, kernfs_vnodeop_p, &rvp); /* XXX */
|
||||
if (error) {
|
||||
FREE(fmp, M_UFSMNT);
|
||||
return (error);
|
||||
}
|
||||
|
||||
rvp->v_type = VDIR;
|
||||
rvp->v_flag |= VROOT;
|
||||
#ifdef KERNFS_DIAGNOSTIC
|
||||
|
||||
@ -35,7 +35,7 @@
|
||||
*
|
||||
* @(#)null_subr.c 8.4 (Berkeley) 1/21/94
|
||||
*
|
||||
* $Id: null_subr.c,v 1.4 1995/12/03 14:38:49 bde Exp $
|
||||
* $Id: null_subr.c,v 1.5 1995/12/03 14:54:22 bde Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -162,12 +162,20 @@ null_node_alloc(mp, lowervp, vpp)
|
||||
struct vnode *othervp, *vp;
|
||||
int error;
|
||||
|
||||
/*
|
||||
* Do the MALLOC before the getnewvnode since doing so afterward
|
||||
* might cause a bogus v_data pointer to get dereferenced
|
||||
* elsewhere if MALLOC should block.
|
||||
*/
|
||||
MALLOC(xp, struct null_node *, sizeof(struct null_node), M_TEMP, M_WAITOK);
|
||||
|
||||
error = getnewvnode(VT_NULL, mp, null_vnodeop_p, vpp);
|
||||
if (error)
|
||||
if (error) {
|
||||
FREE(xp, M_TEMP);
|
||||
return (error);
|
||||
}
|
||||
vp = *vpp;
|
||||
|
||||
MALLOC(xp, struct null_node *, sizeof(struct null_node), M_TEMP, M_WAITOK);
|
||||
vp->v_type = lowervp->v_type;
|
||||
xp->null_vnode = vp;
|
||||
vp->v_data = xp;
|
||||
|
||||
@ -35,7 +35,7 @@
|
||||
*
|
||||
* @(#)portal_vfsops.c 8.6 (Berkeley) 1/21/94
|
||||
*
|
||||
* $Id: portal_vfsops.c,v 1.9 1995/11/16 11:24:06 bde Exp $
|
||||
* $Id: portal_vfsops.c,v 1.10 1995/12/11 09:24:43 phk Exp $
|
||||
*/
|
||||
|
||||
/*
|
||||
@ -105,6 +105,7 @@ portal_mount(mp, path, data, ndp, p)
|
||||
struct portalmount *fmp;
|
||||
struct socket *so;
|
||||
struct vnode *rvp;
|
||||
struct portalnode *pn;
|
||||
u_int size;
|
||||
int error;
|
||||
|
||||
@ -125,14 +126,20 @@ portal_mount(mp, path, data, ndp, p)
|
||||
if (so->so_proto->pr_domain->dom_family != AF_UNIX)
|
||||
return (ESOCKTNOSUPPORT);
|
||||
|
||||
error = getnewvnode(VT_PORTAL, mp, portal_vnodeop_p, &rvp); /* XXX */
|
||||
if (error)
|
||||
return (error);
|
||||
MALLOC(rvp->v_data, void *, sizeof(struct portalnode),
|
||||
MALLOC(pn, struct portalnode *, sizeof(struct portalnode),
|
||||
M_TEMP, M_WAITOK);
|
||||
|
||||
fmp = (struct portalmount *) malloc(sizeof(struct portalmount),
|
||||
M_UFSMNT, M_WAITOK); /* XXX */
|
||||
MALLOC(fmp, struct portalmount *, sizeof(struct portalmount),
|
||||
M_UFSMNT, M_WAITOK); /* XXX */
|
||||
|
||||
error = getnewvnode(VT_PORTAL, mp, portal_vnodeop_p, &rvp); /* XXX */
|
||||
if (error) {
|
||||
FREE(fmp, M_UFSMNT);
|
||||
FREE(pn, M_TEMP);
|
||||
return (error);
|
||||
}
|
||||
|
||||
rvp->v_data = pn;
|
||||
rvp->v_type = VDIR;
|
||||
rvp->v_flag |= VROOT;
|
||||
VTOPORTAL(rvp)->pt_arg = 0;
|
||||
|
||||
@ -35,7 +35,7 @@
|
||||
*
|
||||
* @(#)portal_vnops.c 8.8 (Berkeley) 1/21/94
|
||||
*
|
||||
* $Id: portal_vnops.c,v 1.10 1995/12/11 09:24:45 phk Exp $
|
||||
* $Id: portal_vnops.c,v 1.11 1996/02/13 18:16:25 wollman Exp $
|
||||
*/
|
||||
|
||||
/*
|
||||
@ -126,15 +126,21 @@ portal_lookup(ap)
|
||||
return (0);
|
||||
}
|
||||
|
||||
|
||||
error = getnewvnode(VT_PORTAL, ap->a_dvp->v_mount, portal_vnodeop_p, &fvp);
|
||||
if (error)
|
||||
goto bad;
|
||||
fvp->v_type = VREG;
|
||||
MALLOC(fvp->v_data, void *, sizeof(struct portalnode),
|
||||
/*
|
||||
* Do the MALLOC before the getnewvnode since doing so afterward
|
||||
* might cause a bogus v_data pointer to get dereferenced
|
||||
* elsewhere if MALLOC should block.
|
||||
*/
|
||||
MALLOC(pt, struct portalnode *, sizeof(struct portalnode),
|
||||
M_TEMP, M_WAITOK);
|
||||
|
||||
pt = VTOPORTAL(fvp);
|
||||
error = getnewvnode(VT_PORTAL, ap->a_dvp->v_mount, portal_vnodeop_p, &fvp);
|
||||
if (error) {
|
||||
FREE(pt, M_TEMP);
|
||||
goto bad;
|
||||
}
|
||||
fvp->v_type = VREG;
|
||||
fvp->v_data = pt;
|
||||
/*
|
||||
* Save all of the remaining pathname and
|
||||
* advance the namei next pointer to the end
|
||||
|
||||
@ -36,7 +36,7 @@
|
||||
*
|
||||
* @(#)procfs_subr.c 8.4 (Berkeley) 1/27/94
|
||||
*
|
||||
* $Id: procfs_subr.c,v 1.4 1995/04/15 02:30:12 davidg Exp $
|
||||
* $Id: procfs_subr.c,v 1.5 1995/05/30 08:07:11 rgrimes Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -111,14 +111,20 @@ procfs_allocvp(mp, vpp, pid, pfs_type)
|
||||
}
|
||||
pfsvplock |= PROCFS_LOCKED;
|
||||
|
||||
/*
|
||||
* Do the MALLOC before the getnewvnode since doing so afterward
|
||||
* might cause a bogus v_data pointer to get dereferenced
|
||||
* elsewhere if MALLOC should block.
|
||||
*/
|
||||
MALLOC(pfs, struct pfsnode *, sizeof(struct pfsnode), M_TEMP, M_WAITOK);
|
||||
|
||||
error = getnewvnode(VT_PROCFS, mp, procfs_vnodeop_p, vpp);
|
||||
if (error)
|
||||
if (error) {
|
||||
FREE(pfs, M_TEMP);
|
||||
goto out;
|
||||
}
|
||||
|
||||
MALLOC((*vpp)->v_data, void *, sizeof(struct pfsnode),
|
||||
M_TEMP, M_WAITOK);
|
||||
|
||||
pfs = VTOPFS(*vpp);
|
||||
(*vpp)->v_data = pfs;
|
||||
pfs->pfs_next = 0;
|
||||
pfs->pfs_pid = (pid_t) pid;
|
||||
pfs->pfs_type = pfs_type;
|
||||
|
||||
@ -35,7 +35,7 @@
|
||||
*
|
||||
* @(#)umap_subr.c 8.6 (Berkeley) 1/26/94
|
||||
*
|
||||
* $Id: umap_subr.c,v 1.5 1995/12/03 14:38:57 bde Exp $
|
||||
* $Id: umap_subr.c,v 1.6 1995/12/03 14:54:39 bde Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -222,13 +222,23 @@ umap_node_alloc(mp, lowervp, vpp)
|
||||
struct vnode *othervp, *vp;
|
||||
int error;
|
||||
|
||||
error = getnewvnode(VT_UMAP, mp, umap_vnodeop_p, vpp);
|
||||
if (error)
|
||||
return (error);
|
||||
vp = *vpp;
|
||||
/* XXX This routine probably needs a node_alloc lock */
|
||||
|
||||
/*
|
||||
* Do the MALLOC before the getnewvnode since doing so afterward
|
||||
* might cause a bogus v_data pointer to get dereferenced
|
||||
* elsewhere if MALLOC should block.
|
||||
*/
|
||||
MALLOC(xp, struct umap_node *, sizeof(struct umap_node),
|
||||
M_TEMP, M_WAITOK);
|
||||
|
||||
error = getnewvnode(VT_UMAP, mp, umap_vnodeop_p, vpp);
|
||||
if (error) {
|
||||
FREE(xp, M_TEMP);
|
||||
return (error);
|
||||
}
|
||||
vp = *vpp;
|
||||
|
||||
vp->v_type = lowervp->v_type;
|
||||
xp->umap_vnode = vp;
|
||||
vp->v_data = xp;
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $Id: msdosfs_denode.c,v 1.15 1995/12/07 12:47:19 davidg Exp $ */
|
||||
/* $Id: msdosfs_denode.c,v 1.16 1996/01/19 03:58:42 dyson Exp $ */
|
||||
/* $NetBSD: msdosfs_denode.c,v 1.9 1994/08/21 18:44:00 ws Exp $ */
|
||||
|
||||
/*-
|
||||
@ -225,6 +225,12 @@ deget(pmp, dirclust, diroffset, direntptr, depp)
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Do the MALLOC before the getnewvnode since doing so afterward
|
||||
* might cause a bogus v_data pointer to get dereferenced
|
||||
* elsewhere if MALLOC should block.
|
||||
*/
|
||||
MALLOC(ldep, struct denode *, sizeof(struct denode), M_MSDOSFSNODE, M_WAITOK);
|
||||
|
||||
/*
|
||||
* Directory entry was not in cache, have to create a vnode and
|
||||
@ -233,10 +239,10 @@ deget(pmp, dirclust, diroffset, direntptr, depp)
|
||||
/* getnewvnode() does a VREF() on the vnode */
|
||||
error = getnewvnode(VT_MSDOSFS, mntp, msdosfs_vnodeop_p, &nvp);
|
||||
if (error) {
|
||||
*depp = 0;
|
||||
*depp = NULL;
|
||||
FREE(ldep, M_MSDOSFSNODE);
|
||||
return error;
|
||||
}
|
||||
MALLOC(ldep, struct denode *, sizeof(struct denode), M_MSDOSFSNODE, M_WAITOK);
|
||||
bzero((caddr_t)ldep, sizeof *ldep);
|
||||
nvp->v_data = ldep;
|
||||
ldep->de_vnode = nvp;
|
||||
|
||||
@ -34,7 +34,7 @@
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#)nfs_node.c 8.2 (Berkeley) 12/30/93
|
||||
* $Id: nfs_node.c,v 1.11 1995/07/22 03:32:18 davidg Exp $
|
||||
* $Id: nfs_node.c,v 1.12 1995/10/29 15:32:50 phk Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -138,6 +138,13 @@ nfs_nget(mntp, fhp, fhsize, npp)
|
||||
goto loop;
|
||||
}
|
||||
nfs_node_hash_lock = 1;
|
||||
|
||||
/*
|
||||
* Do the MALLOC before the getnewvnode since doing so afterward
|
||||
* might cause a bogus v_data pointer to get dereferenced
|
||||
* elsewhere if MALLOC should block.
|
||||
*/
|
||||
MALLOC(np, struct nfsnode *, sizeof *np, M_NFSNODE, M_WAITOK);
|
||||
|
||||
error = getnewvnode(VT_NFS, mntp, nfsv2_vnodeop_p, &nvp);
|
||||
if (error) {
|
||||
@ -145,10 +152,10 @@ nfs_nget(mntp, fhp, fhsize, npp)
|
||||
wakeup(&nfs_node_hash_lock);
|
||||
nfs_node_hash_lock = 0;
|
||||
*npp = 0;
|
||||
FREE(np, M_NFSNODE);
|
||||
return (error);
|
||||
}
|
||||
vp = nvp;
|
||||
MALLOC(np, struct nfsnode *, sizeof *np, M_NFSNODE, M_WAITOK);
|
||||
bzero((caddr_t)np, sizeof *np);
|
||||
vp->v_data = np;
|
||||
np->n_vnode = vp;
|
||||
|
||||
@ -34,7 +34,7 @@
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#)nfs_node.c 8.2 (Berkeley) 12/30/93
|
||||
* $Id: nfs_node.c,v 1.11 1995/07/22 03:32:18 davidg Exp $
|
||||
* $Id: nfs_node.c,v 1.12 1995/10/29 15:32:50 phk Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -138,6 +138,13 @@ nfs_nget(mntp, fhp, fhsize, npp)
|
||||
goto loop;
|
||||
}
|
||||
nfs_node_hash_lock = 1;
|
||||
|
||||
/*
|
||||
* Do the MALLOC before the getnewvnode since doing so afterward
|
||||
* might cause a bogus v_data pointer to get dereferenced
|
||||
* elsewhere if MALLOC should block.
|
||||
*/
|
||||
MALLOC(np, struct nfsnode *, sizeof *np, M_NFSNODE, M_WAITOK);
|
||||
|
||||
error = getnewvnode(VT_NFS, mntp, nfsv2_vnodeop_p, &nvp);
|
||||
if (error) {
|
||||
@ -145,10 +152,10 @@ nfs_nget(mntp, fhp, fhsize, npp)
|
||||
wakeup(&nfs_node_hash_lock);
|
||||
nfs_node_hash_lock = 0;
|
||||
*npp = 0;
|
||||
FREE(np, M_NFSNODE);
|
||||
return (error);
|
||||
}
|
||||
vp = nvp;
|
||||
MALLOC(np, struct nfsnode *, sizeof *np, M_NFSNODE, M_WAITOK);
|
||||
bzero((caddr_t)np, sizeof *np);
|
||||
vp->v_data = np;
|
||||
np->n_vnode = vp;
|
||||
|
||||
@ -31,7 +31,7 @@
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#)ffs_vfsops.c 8.8 (Berkeley) 4/18/94
|
||||
* $Id: ffs_vfsops.c,v 1.37 1996/03/02 03:45:12 dyson Exp $
|
||||
* $Id: ffs_vfsops.c,v 1.38 1996/03/02 22:18:34 dyson Exp $
|
||||
*/
|
||||
|
||||
#include "opt_quota.h"
|
||||
@ -866,6 +866,16 @@ ffs_vget(mp, ino, vpp)
|
||||
}
|
||||
ffs_inode_hash_lock = 1;
|
||||
|
||||
/*
|
||||
* If this MALLOC() is performed after the getnewvnode()
|
||||
* it might block, leaving a vnode with a NULL v_data to be
|
||||
* found by ffs_sync() if a sync happens to fire right then,
|
||||
* which will cause a panic because ffs_sync() blindly
|
||||
* dereferences vp->v_data (as well it should).
|
||||
*/
|
||||
type = ump->um_devvp->v_tag == VT_MFS ? M_MFSNODE : M_FFSNODE; /* XXX */
|
||||
MALLOC(ip, struct inode *, sizeof(struct inode), type, M_WAITOK);
|
||||
|
||||
/* Allocate a new vnode/inode. */
|
||||
error = getnewvnode(VT_UFS, mp, ffs_vnodeop_p, &vp);
|
||||
if (error) {
|
||||
@ -873,10 +883,9 @@ ffs_vget(mp, ino, vpp)
|
||||
wakeup(&ffs_inode_hash_lock);
|
||||
ffs_inode_hash_lock = 0;
|
||||
*vpp = NULL;
|
||||
FREE(ip, type);
|
||||
return (error);
|
||||
}
|
||||
type = ump->um_devvp->v_tag == VT_MFS ? M_MFSNODE : M_FFSNODE; /* XXX */
|
||||
MALLOC(ip, struct inode *, sizeof(struct inode), type, M_WAITOK);
|
||||
bzero((caddr_t)ip, sizeof(struct inode));
|
||||
vp->v_data = ip;
|
||||
ip->i_vnode = vp;
|
||||
|
||||
@ -31,7 +31,7 @@
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#)lfs_alloc.c 8.4 (Berkeley) 1/4/94
|
||||
* $Id: lfs_alloc.c,v 1.9 1995/12/07 12:47:55 davidg Exp $
|
||||
* $Id: lfs_alloc.c,v 1.10 1996/01/05 18:31:51 wollman Exp $
|
||||
*/
|
||||
|
||||
#include "opt_quota.h"
|
||||
@ -166,9 +166,17 @@ lfs_vcreate(mp, ino, vpp)
|
||||
struct ufsmount *ump;
|
||||
int error, i;
|
||||
|
||||
/*
|
||||
* Do the MALLOC before the getnewvnode since doing so afterward
|
||||
* might cause a bogus v_data pointer to get dereferenced
|
||||
* elsewhere if MALLOC should block.
|
||||
*/
|
||||
MALLOC(ip, struct inode *, sizeof(struct inode), M_LFSNODE, M_WAITOK);
|
||||
|
||||
/* Create the vnode. */
|
||||
if (error = getnewvnode(VT_LFS, mp, lfs_vnodeop_p, vpp)) {
|
||||
*vpp = NULL;
|
||||
FREE(ip, M_LFSNODE);
|
||||
return (error);
|
||||
}
|
||||
|
||||
@ -176,7 +184,6 @@ lfs_vcreate(mp, ino, vpp)
|
||||
ump = VFSTOUFS(mp);
|
||||
|
||||
/* Initialize the inode. */
|
||||
MALLOC(ip, struct inode *, sizeof(struct inode), M_LFSNODE, M_WAITOK);
|
||||
(*vpp)->v_data = ip;
|
||||
ip->i_vnode = *vpp;
|
||||
ip->i_devvp = ump->um_devvp;
|
||||
|
||||
@ -31,7 +31,7 @@
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#)mfs_vfsops.c 8.4 (Berkeley) 4/16/94
|
||||
* $Id: mfs_vfsops.c,v 1.20 1995/12/17 21:09:59 phk Exp $
|
||||
* $Id: mfs_vfsops.c,v 1.21 1996/04/08 07:54:49 phk Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -288,7 +288,7 @@ mfs_mount(mp, path, data, ndp, p)
|
||||
/*
|
||||
* FS specific handling
|
||||
*/
|
||||
mfsp = malloc(sizeof *mfsp, M_MFSNODE, M_WAITOK);
|
||||
MALLOC(mfsp, struct mfsnode *, sizeof *mfsp, M_MFSNODE, M_WAITOK);
|
||||
rootvp->v_data = mfsp;
|
||||
rootvp->v_op = mfs_vnodeop_p;
|
||||
rootvp->v_tag = VT_MFS;
|
||||
@ -305,7 +305,7 @@ mfs_mount(mp, path, data, ndp, p)
|
||||
if( (err = ffs_mountfs(rootvp, mp, p)) != 0 ) {
|
||||
/* fs specific cleanup (if any)*/
|
||||
rootvp->v_data = NULL;
|
||||
free(mfsp, M_MFSNODE);
|
||||
FREE(mfsp, M_MFSNODE);
|
||||
goto error_1;
|
||||
}
|
||||
|
||||
@ -368,13 +368,21 @@ mfs_mount(mp, path, data, ndp, p)
|
||||
/* XXX MFS does not support name updating*/
|
||||
goto success;
|
||||
}
|
||||
/*
|
||||
* Do the MALLOC before the getnewvnode since doing so afterward
|
||||
* might cause a bogus v_data pointer to get dereferenced
|
||||
* elsewhere if MALLOC should block.
|
||||
*/
|
||||
MALLOC(mfsp, struct mfsnode *, sizeof *mfsp, M_MFSNODE, M_WAITOK);
|
||||
|
||||
err = getnewvnode(VT_MFS, (struct mount *)0, mfs_vnodeop_p, &devvp);
|
||||
if (err)
|
||||
if (err) {
|
||||
FREE(mfsp, M_MFSNODE);
|
||||
goto error_1;
|
||||
}
|
||||
devvp->v_type = VBLK;
|
||||
if (checkalias(devvp, makedev(255, mfs_minor++), (struct mount *)0))
|
||||
panic("mfs_mount: dup dev");
|
||||
mfsp = (struct mfsnode *)malloc(sizeof *mfsp, M_MFSNODE, M_WAITOK);
|
||||
devvp->v_data = mfsp;
|
||||
mfsp->mfs_baseoff = args.base;
|
||||
mfsp->mfs_size = args.size;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user