On Mon, 23 Mar 2015 11:12:57 -0400
"J. Bruce Fields" <bfields@xxxxxxxxxxxx> wrote:

> On Mon, Mar 23, 2015 at 10:53:41AM -0400, Jeff Layton wrote:
> > After staring at this code for a _long_ time, I think I've finally found
> > the source of the use-after-free oops that HCH spotted. The first patch
> > in this series should fix that. The other two patches are just cleanups
> > that I generated while staring at the code.
> >
> > The first one obviously needs to go into v4.0 (and stable) ASAP. The
> > other two can wait for v4.1.
>
> Zowie, thanks! It's a relief to have this one found....
>
> --b.
>

Definitely a relief. Just to reiterate what you spotted on IRC too, it
looks like there's a similar bug in alloc_init_lock_stateowner so we'll
need a patch for that as well.

> >
> > Jeff Layton (3):
> >   nfsd: return correct openowner when there is a race to put one in the
> >     hash
> >   nfsd: remove bogus setting of status in nfsd4_process_open2
> >   nfsd: remove unused status arg to nfsd4_cleanup_open_state
> >
> >  fs/nfsd/nfs4proc.c  | 2 +-
> >  fs/nfsd/nfs4state.c | 5 ++---
> >  fs/nfsd/xdr4.h      | 2 +-
> >  3 files changed, 4 insertions(+), 5 deletions(-)
> >
> > --
> > 2.1.0
> >
> > --
> > To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
> > the body of a message to majordomo@xxxxxxxxxxxxxxx
> > More majordomo info at http://vger.kernel.org/majordomo-info.html

--
Jeff Layton <jlayton@xxxxxxxxxxxxxxx>