linux/fs/nfsd
Trond Myklebust 1ab250aaba nfsd: Don't add locks to closed or closing open stateids
[ Upstream commit a451b12311 ]

In NFSv4, the lock stateids are tied to the lockowner, and the open stateid,
so that the action of closing the file also results in either an automatic
loss of the locks, or an error of the form NFS4ERR_LOCKS_HELD.

In practice this means we must not add new locks to the open stateid
after the close process has been invoked. In fact, doing so can result
in the following panic:

 kernel BUG at lib/list_debug.c:51!
 invalid opcode: 0000 [#1] SMP NOPTI
 CPU: 2 PID: 1085 Comm: nfsd Not tainted 5.6.0-rc3+ #2
 Hardware name: VMware, Inc. VMware7,1/440BX Desktop Reference Platform, BIOS VMW71.00V.14410784.B64.1908150010 08/15/2019
 RIP: 0010:__list_del_entry_valid.cold+0x31/0x55
 Code: 1a 3d 9b e8 74 10 c2 ff 0f 0b 48 c7 c7 f0 1a 3d 9b e8 66 10 c2 ff 0f 0b 48 89 f2 48 89 fe 48 c7 c7 b0 1a 3d 9b e8 52 10 c2 ff <0f> 0b 48 89 fe 4c 89 c2 48 c7 c7 78 1a 3d 9b e8 3e 10 c2 ff 0f 0b
 RSP: 0018:ffffb296c1d47d90 EFLAGS: 00010246
 RAX: 0000000000000054 RBX: ffff8ba032456ec8 RCX: 0000000000000000
 RDX: 0000000000000000 RSI: ffff8ba039e99cc8 RDI: ffff8ba039e99cc8
 RBP: ffff8ba032456e60 R08: 0000000000000781 R09: 0000000000000003
 R10: 0000000000000000 R11: 0000000000000001 R12: ffff8ba009a4abe0
 R13: ffff8ba032456e8c R14: 0000000000000000 R15: ffff8ba00adb01d8
 FS:  0000000000000000(0000) GS:ffff8ba039e80000(0000) knlGS:0000000000000000
 CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
 CR2: 00007fb213f0b008 CR3: 00000001347de006 CR4: 00000000003606e0
 Call Trace:
  release_lock_stateid+0x2b/0x80 [nfsd]
  nfsd4_free_stateid+0x1e9/0x210 [nfsd]
  nfsd4_proc_compound+0x414/0x700 [nfsd]
  ? nfs4svc_decode_compoundargs+0x407/0x4c0 [nfsd]
  nfsd_dispatch+0xc1/0x200 [nfsd]
  svc_process_common+0x476/0x6f0 [sunrpc]
  ? svc_sock_secure_port+0x12/0x30 [sunrpc]
  ? svc_recv+0x313/0x9c0 [sunrpc]
  ? nfsd_svc+0x2d0/0x2d0 [nfsd]
  svc_process+0xd4/0x110 [sunrpc]
  nfsd+0xe3/0x140 [nfsd]
  kthread+0xf9/0x130
  ? nfsd_destroy+0x50/0x50 [nfsd]
  ? kthread_park+0x90/0x90
  ret_from_fork+0x1f/0x40

The fix is to ensure that lock creation tests for whether or not the
open stateid is unhashed, and to fail if that is the case.

Fixes: 659aefb68e ("nfsd: Ensure we don't recognise lock stateids after freeing them")
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2020-10-01 13:14:38 +02:00
acl.h
auth.c
auth.h
blocklayout.c vfs/y2038: inode timestamps conversion to timespec64 2018-06-15 07:31:07 +09:00
blocklayoutxdr.c
blocklayoutxdr.h
cache.h nfsd: Do not refuse to serve out of cache 2018-05-11 15:48:57 -04:00
current_stateid.h
export.c treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
export.h
fault_inject.c
flexfilelayout.c
flexfilelayoutxdr.c
flexfilelayoutxdr.h
idmap.h
Kconfig
lockd.c
Makefile
netns.h nfsd4: extend reclaim period for reclaiming clients 2018-06-17 10:20:47 -04:00
nfs2acl.c
nfs3acl.c
nfs3proc.c nfsd: fix memory corruption caused by readdir 2019-03-23 20:10:09 +01:00
nfs3xdr.c nfsd: fix memory corruption caused by readdir 2019-03-23 20:10:09 +01:00
nfs4acl.c
nfs4callback.c nfsd: Fix svc_xprt refcnt leak when setup callback client failed 2020-06-25 15:32:51 +02:00
nfs4idmap.c
nfs4layouts.c nfsd: fix delay timer on 32-bit architectures 2020-02-11 04:34:13 -08:00
nfs4proc.c nfsd4: zero-length WRITE should succeed 2019-01-13 09:51:08 +01:00
nfs4recover.c nfsd: fix a warning in __cld_pipe_upcall() 2019-12-13 08:52:09 +01:00
nfs4state.c nfsd: Don't add locks to closed or closing open stateids 2020-10-01 13:14:38 +02:00
nfs4xdr.c nfsd: avoid uninitialized variable warning 2019-06-15 11:54:07 +02:00
nfscache.c - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
nfsctl.c nfsd: fix wrong check in write_v4_end_grace() 2019-03-23 20:10:09 +01:00
nfsd.h nfsd4: support change_attr_type attribute 2018-06-17 10:41:31 -04:00
nfsfh.c nfsd: use true and false for boolean values 2018-08-09 16:11:21 -04:00
nfsfh.h
nfsproc.c NFSD: Handle full-length symlinks 2018-08-09 16:11:21 -04:00
nfssvc.c
nfsxdr.c vfs: change inode times to use struct timespec64 2018-06-05 16:57:31 -07:00
pnfs.h
state.h nfsd: fix jiffies/time_t mixup in LRU list 2020-02-11 04:34:13 -08:00
stats.c
stats.h
trace.c
trace.h nfsd: Trace NFSv4 COMPOUND execution 2018-04-03 15:08:15 -04:00
vfs.c nfsd: apply umask on fs without ACL support 2020-07-09 09:37:11 +02:00
vfs.h nfsd: allow fh_want_write to be called twice 2019-06-15 11:54:07 +02:00
xdr.h NFSD: Clean up legacy NFS SYMLINK argument XDR decoders 2018-04-03 15:08:16 -04:00
xdr3.h NFSD: Clean up legacy NFS SYMLINK argument XDR decoders 2018-04-03 15:08:16 -04:00
xdr4.h nfsd: fix incorrect umasks 2018-04-03 16:27:08 -04:00
xdr4cb.h