On Thu, Jan 13, 2022 at 09:12:32AM +0100, Christian Ehrhardt wrote:
> True, updated patch (v3) below.
>
> regards Christian
Passed full regress run on i386. OK bluhm@
> commit 2265c7db45a9127bcf236de6432d6dd323414bd5
> Author: Christian Ehrhardt <ehrha...@genua.de>
> Date: Tue Jan 11 10:31:46 2022 +0100
>
> m_pullup: Properly handle read-only clusters
>
> If the first mbuf of a chain in m_pullup is a cluster, check if
> the cluster is read-only (shared or an external buffer). If so
> don't touch it an create an new mbuf for the pullup data.
>
> diff --git a/sys/kern/uipc_mbuf.c b/sys/kern/uipc_mbuf.c
> index 5e4cb5ba88..21ae5059b0 100644
> --- a/sys/kern/uipc_mbuf.c
> +++ b/sys/kern/uipc_mbuf.c
> @@ -957,8 +957,6 @@ m_pullup(struct mbuf *m0, int len)
>
> head = M_DATABUF(m0);
> if (m0->m_len == 0) {
> - m0->m_data = head;
> -
> while (m->m_len == 0) {
> m = m_free(m);
> if (m == NULL)
> @@ -972,10 +970,11 @@ m_pullup(struct mbuf *m0, int len)
> tail = head + M_SIZE(m0);
> head += adj;
>
> - if (len <= tail - head) {
> - /* there's enough space in the first mbuf */
> -
> - if (len > tail - mtod(m0, caddr_t)) {
> + if (!M_READONLY(m0) && len <= tail - head) {
> + /* we can copy everything into the first mbuf */
> + if (m0->m_len == 0) {
> + m0->m_data = head;
> + } else if (len > tail - mtod(m0, caddr_t)) {
> /* need to memmove to make space at the end */
> memmove(head, mtod(m0, caddr_t), m0->m_len);
> m0->m_data = head;
> @@ -983,14 +982,18 @@ m_pullup(struct mbuf *m0, int len)
>
> len -= m0->m_len;
> } else {
> - /* the first mbuf is too small so make a new one */
> + /* the first mbuf is too small or read-only, make a new one */
> space = adj + len;
>
> if (space > MAXMCLBYTES)
> goto bad;
>
> - m0->m_next = m;
> - m = m0;
> + if (m0->m_len == 0) {
> + m_free(m0);
> + } else {
> + m0->m_next = m;
> + m = m0;
> + }
>
> MGET(m0, M_DONTWAIT, m->m_type);
> if (m0 == NULL)
