Subject: Re: Addition to force open to open only regular files
To: Greywolf <>
From: Bill Studenmund <>
List: tech-kern
Date: 11/28/2000 13:36:11
On Thu, 23 Nov 2000, Greywolf wrote:

> reserve() would return a filehandle of sorts which could then be passed to
> ropen() to return a descriptor?  One could also have an rstat() call to
> stat the filehandle and find out what you've reserved.  Since the reserve
> would lock the node, the rstat() would be guaranteed to return valid
> information, and ropen() would be guaranteed to return a valid fd into
> the data, even if an unlink() has transpired.

Vnode locks should NEVER be held when a system call returns to userland.
If you do that, you open up a huge Denial of Service attack:

reserve(pathname, other options); for (;;;) stat(pathname, &a buffer);

You've just panic'd the computer. This (the lossage resulting from leaving
a vnode locked) is called, "the race for root."

Take care,