- if ((ndp->ni_rootdir = fdp->fd_rdir) == NULLVP) {
- if ( !(fdp->fd_flags & FD_CHROOT))
- ndp->ni_rootdir = rootvnode;
+ proc_fdlock(p);
+ if (!(fdp->fd_flags & FD_CHROOT)) {
+ ndp->ni_rootdir = rootvnode;
+ } else {
+ ndp->ni_rootdir = fdp->fd_rdir;
+ }
+
+ if (!ndp->ni_rootdir) {
+ if (!(fdp->fd_flags & FD_CHROOT)) {
+ proc_fdunlock(p);
+ printf("rootvnode is not set\n");
+ } else {
+ proc_fdunlock(p);
+ /* This should be a panic */
+ printf("fdp->fd_rdir is not set\n");
+ }
+ error = ENOENT;
+ goto error_out;
+ }
+
+ /*
+ * We have the proc_fdlock here so we still have a usecount
+ * on ndp->ni_rootdir.
+ *
+ * However we need to get our own usecount on it in order to
+ * ensure that the vnode isn't recycled to something else.
+ *
+ * Note : It's fine if the vnode is force reclaimed but with
+ * a usecount it won't be reused until we release the reference.
+ *
+ * In order to get that usecount however, we need to first
+ * get non blocking iocount since we'll be doing this under
+ * the proc_fdlock.
+ */
+ if (vnode_get(ndp->ni_rootdir) != 0) {
+ proc_fdunlock(p);
+ error = ENOENT;
+ goto error_out;
+ }
+
+ proc_fdunlock(p);
+
+ /* Now we can safely get our own ref on ni_rootdir */
+ error = vnode_ref_ext(ndp->ni_rootdir, O_EVTONLY, 0);
+ vnode_put(ndp->ni_rootdir);
+ if (error) {
+ ndp->ni_rootdir = NULLVP;
+ goto error_out;