On Thu, 2012-02-16 at 11:17 -0500, Weston Andros Adamson wrote:
> server_scope would never be freed if nfs4_check_cl_exchange_flags() returned
> non-zero
>
> Signed-off-by: Weston Andros Adamson <dros@xxxxxxxxxx>
> ---
> fs/nfs/nfs4proc.c | 15 +++++++++------
> 1 files changed, 9 insertions(+), 6 deletions(-)
>
> diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
> index 87c584d..20c3bb0 100644
> --- a/fs/nfs/nfs4proc.c
> +++ b/fs/nfs/nfs4proc.c
> @@ -4945,8 +4945,10 @@ int nfs4_proc_exchange_id(struct nfs_client *clp, struct rpc_cred *cred)
> clp->cl_rpcclient->cl_auth->au_flavor);
>
> res.server_scope = kzalloc(sizeof(struct server_scope), GFP_KERNEL);
> - if (unlikely(!res.server_scope))
> - return -ENOMEM;
> + if (unlikely(!res.server_scope)) {
> + status = -ENOMEM;
> + goto out;
> + }
>
> status = rpc_call_sync(clp->cl_rpcclient, &msg, RPC_TASK_TIMEOUT);
> if (!status)
> @@ -4963,12 +4965,13 @@ int nfs4_proc_exchange_id(struct nfs_client *clp, struct rpc_cred *cred)
> clp->server_scope = NULL;
> }
>
> - if (!clp->server_scope)
> + if (!clp->server_scope) {
> clp->server_scope = res.server_scope;
> - else
> - kfree(res.server_scope);
> + goto out;
> + }
> }
> -
> + kfree(res.server_scope);
> +out:
> dprintk("<-- %s status= %d\n", __func__, status);
> return status;
> }
This looks like it is a bug in existing kernels. Should I queue it up for stable@xxxxxxxxxxxxxxx? -- Trond Myklebust Linux NFS client maintainer NetApp Trond.Myklebust@xxxxxxxxxx www.netapp.com ��.n��������+%������w��{.n�����{��w���jg��������ݢj����G�������j:+v���w�m������w�������h�����٥
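Review bot: In the second hunk, ownership of `res.server_scope` passes to `clp` only implicitly, through a `goto out` that jumps over the new `kfree(res.server_scope)`; a branch later added inside `if (!status)` that stores the pointer but forgets the jump would free memory that `clp->server_scope` still references. Clearing the local at the hand-off, `clp->server_scope = res.server_scope; res.server_scope = NULL;`, lets every path fall through to the single `kfree()` (a no-op on NULL) and makes the jump unnecessary. If the goto is kept, a comment such as `/* clp now owns the scope; skip the kfree below */` on that branch would record the intent. The body of nfs4_proc_exchange_id() starts outside both hunks, so other uses of `res.server_scope` and of the `out` label are not visible here.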