On Thu, 2024-12-19 at 15:12 -0500, Olga Kornievskaia wrote: > If a client were to send an error to a CB_GETATTR call, the code > erronously continues to try decode past the error code. It ends > up returning BAD_XDR error to the rpc layer and then in turn > trigger a WARN_ONCE in nfsd4_cb_done() function. > > Fixes: 6487a13b5c6b ("NFSD: add support for CB_GETATTR callback") > Signed-off-by: Olga Kornievskaia <okorniev@xxxxxxxxxx> > --- > fs/nfsd/nfs4callback.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/fs/nfsd/nfs4callback.c b/fs/nfsd/nfs4callback.c > index 3877b53e429f..f24d8654393d 100644 > --- a/fs/nfsd/nfs4callback.c > +++ b/fs/nfsd/nfs4callback.c > @@ -647,7 +647,7 @@ static int nfs4_xdr_dec_cb_getattr(struct rpc_rqst *rqstp, > return status; > > status = decode_cb_op_status(xdr, OP_CB_GETATTR, &cb->cb_status); > - if (status) > + if (status || cb->cb_status) > return status; > if (xdr_stream_decode_uint32_array(xdr, bitmap, 3) < 0) > return -NFSERR_BAD_XDR; Nice catch! Reviewed-by: Jeff Layton <jlayton@xxxxxxxxxx>