On Tue, Nov 27, 2012 at 11:31:11AM -0500, Sasha Levin wrote:
> A recent patch series has moved hashtable initialization to when the net
> struct is initialized.
>
> When injecting faults, we tried accessing the hashtables even if the struct
> wasn't really initialized (nfsd wasn't in use) - this caused a NULL ptr
> deref.
Thanks, adding Bryan to cc.--b.
>
> A simple test would be:
>
> echo 1 > /sys/kernel/debug/nfsd/forget_locks
>
> Signed-off-by: Sasha Levin <sasha.levin@xxxxxxxxxx>
> ---
> fs/nfsd/netns.h | 3 +++
> fs/nfsd/nfs4state.c | 9 +++++++++
> 2 files changed, 12 insertions(+)
>
> diff --git a/fs/nfsd/netns.h b/fs/nfsd/netns.h
> index 227b93e..c5806a57 100644
> --- a/fs/nfsd/netns.h
> +++ b/fs/nfsd/netns.h
> @@ -83,5 +83,8 @@ struct nfsd_net {
> struct delayed_work laundromat_work;
> };
>
> +/* Simple check to find out if a given net was properly initialized */
> +#define nfsd_netns_ready(nn) ((nn)->sessionid_hashtbl)
> +
> extern int nfsd_net_id;
> #endif /* __NFSD_NETNS_H__ */
> diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
> index e75872f..0e7428c 100644
> --- a/fs/nfsd/nfs4state.c
> +++ b/fs/nfsd/nfs4state.c
> @@ -4598,6 +4598,9 @@ void nfsd_forget_clients(u64 num)
> int count = 0;
> struct nfsd_net *nn = net_generic(current->nsproxy->net_ns, nfsd_net_id);
>
> + if (!nfsd_netns_ready(nn))
> + return;
> +
> nfs4_lock_state();
> list_for_each_entry_safe(clp, next, &nn->client_lru, cl_lru) {
> expire_client(clp);
> @@ -4643,6 +4646,9 @@ void nfsd_forget_locks(u64 num)
> int count;
> struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);
>
> + if (!nfsd_netns_ready(nn))
> + return;
> +
> nfs4_lock_state();
> count = nfsd_release_n_owners(num, false, release_lockowner_sop, nn);
> nfs4_unlock_state();
> @@ -4655,6 +4661,9 @@ void nfsd_forget_openowners(u64 num)
> int count;
> struct nfsd_net *nn = net_generic(&init_net, nfsd_net_id);
>
> + if (!nfsd_netns_ready(nn))
> + return;
> +
> nfs4_lock_state();
> count = nfsd_release_n_owners(num, true, release_openowner_sop, nn);
> nfs4_unlock_state();
> --
> 1.8.0
>
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
