Fix tmpfs_lookup locking for ".." == ".". unveil_find_cover() calls
VFS_LOOKUP(dir, &parent) in a loop and looks up the parent directory
".." repeatedly. VFS_LOOKUP is expected to unlock 'dir' and return
'parent' locked.
So tmpfs_lookup() is called for ISDOTDOT and:
- runs with dvp = dir, vpp = &parent
- gets parent from tmpfs_vnode_get() and
- re-locks dir with vn_lock(dvp)
but skips the call to
VOP_UNLOCK(dvp);
on return because *vpp == dvp
The reason for doing so is the lookup for ".". In this case
tmpfs_lookup() just increases the reference on dvp and copies the
pointer:
*vpp = dvp; vref(dvp);
However, in our case we also have *vpp == dvp, but for a different
lookup (ISDOTDOT), so we must do the unlock.
From markus@
projects / openbsd / commit