Protect pool_get() with kernel lock in sys_ypconnect().
authorbluhm <bluhm@openbsd.org>
Fri, 1 Mar 2024 14:15:01 +0000 (14:15 +0000)
committerbluhm <bluhm@openbsd.org>
Fri, 1 Mar 2024 14:15:01 +0000 (14:15 +0000)
Pool namei_pool is initialized with IPL_NONE as filesystem always
runs with kernel lock.  So pool_get() needs kernel lock also in
sys_ypconnect().

OK kn@ deraadt@

sys/kern/uipc_syscalls.c

index c57950a..97690f8 100644 (file)
@@ -1,4 +1,4 @@
-/*     $OpenBSD: uipc_syscalls.c,v 1.217 2024/02/03 22:50:09 mvs Exp $ */
+/*     $OpenBSD: uipc_syscalls.c,v 1.218 2024/03/01 14:15:01 bluhm Exp $       */
 /*     $NetBSD: uipc_syscalls.c,v 1.19 1996/02/09 19:00:48 christos Exp $      */
 
 /*
@@ -1560,12 +1560,12 @@ sys_ypconnect(struct proc *p, void *v, register_t *retval)
 
        if (p->p_p->ps_flags & PS_CHROOT)
                return EACCES;
+       KERNEL_LOCK();
        name = pool_get(&namei_pool, PR_WAITOK);
        snprintf(name, MAXPATHLEN, "/var/yp/binding/%s.2", domainname);
        NDINIT(&nid, 0, NOFOLLOW|LOCKLEAF|KERNELPATH, UIO_SYSSPACE, name, p);
        nid.ni_pledge = PLEDGE_RPATH;
 
-       KERNEL_LOCK();
        error = namei(&nid);
        pool_put(&namei_pool, name);
        if (error)
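Review bot: The reason the added `KERNEL_LOCK();` must come before `pool_get(&namei_pool, PR_WAITOK)` is recorded only in the commit message, so a later unlocking pass could move it back down to just above `namei(&nid)` and reintroduce the unprotected pool access. A one-line comment above the lock would pin the requirement, for example `/* namei_pool is IPL_NONE: pool_get() and pool_put() need the kernel lock */`. Within this hunk the `pool_put(&namei_pool, name)` after `namei()` still runs under the lock. The matching unlock and the rest of sys_ypconnect() lie outside the hunk, so it is worth confirming that no later path touches namei_pool after the lock is released.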