On 1/25/2016 22:09, Trond Myklebust wrote: > We need to make sure that we don't allow args->csa_sequenceid == 0. > > Signed-off-by: Trond Myklebust <trond.myklebust@xxxxxxxxxxxxxxx> > --- > fs/nfs/callback_proc.c | 43 +++++++++++++++++-------------------------- > 1 file changed, 17 insertions(+), 26 deletions(-) ... snip ... > @@ -486,6 +476,13 @@ __be32 nfs4_callback_sequence(struct cb_sequenceargs *args, > goto out_unlock; > } > > + status = validate_seqid(tbl, slot, args); > + if (status) > + goto out_unlock; For NFS4ERR_RETRY_UNCACHED_REP error, nfs should initialize cb_sequenceres information, but goto out_unlock will skip it. thanks, Kinglong Mee > + > + cps->slotid = args->csa_slotid; > + tbl->highest_used_slotid = args->csa_slotid; > + > memcpy(&res->csr_sessionid, &args->csa_sessionid, > sizeof(res->csr_sessionid)); > res->csr_sequenceid = args->csa_sequenceid; > @@ -493,12 +490,6 @@ __be32 nfs4_callback_sequence(struct cb_sequenceargs *args, > res->csr_highestslotid = tbl->server_highest_slotid; > res->csr_target_highestslotid = tbl->target_highest_slotid; > > - status = validate_seqid(tbl, args); > - if (status) > - goto out_unlock; > - > - cps->slotid = args->csa_slotid; > - > /* The ca_maxresponsesize_cached is 0 with no DRC */ > if (args->csa_cachethis != 0) > return htonl(NFS4ERR_REP_TOO_BIG_TO_CACHE); > @@ -518,7 +509,7 @@ __be32 nfs4_callback_sequence(struct cb_sequenceargs *args, > * If CB_SEQUENCE returns an error, then the state of the slot > * (sequence ID, cached reply) MUST NOT change. > */ > - slot->seq_nr++; > + slot->seq_nr = args->csa_sequenceid; > out_unlock: > spin_unlock(&tbl->slot_tbl_lock); >
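Review bot: in the hunk at @@ -486,6 +476,13 @@, the `goto out_unlock` taken when `validate_seqid(tbl, slot, args)` fails now runs before `res->csr_sessionid` and `res->csr_sequenceid` are filled in, so every non-zero status from the check leaves the function with `res` unset, including the NFS4ERR_RETRY_UNCACHED_REP case raised in the reply. If any of those statuses still needs the CB_SEQUENCE result encoded, keep the `res` initialisation ahead of the check and move only the `cps->slotid` and `tbl->highest_used_slotid` assignments after it, so the slot bookkeeping happens only once the sequence id has been accepted.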
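Review bot: in the hunk at @@ -493,12 +490,6 @@, the unchanged context line `return htonl(NFS4ERR_REP_TOO_BIG_TO_CACHE);` leaves the function directly instead of going through `out_unlock`, unlike the `goto out_unlock` error paths around it. If `tbl->slot_tbl_lock` is held at this point, as those neighbouring paths suggest, this return exits with the lock still taken, and with the reordering in this patch `tbl->highest_used_slotid` has already been updated for a request that is then rejected. Suggest setting `status` and using `goto out_unlock` here, and checking `args->csa_cachethis` before the slot bookkeeping is touched.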
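Review bot: in the hunk at @@ -518,7 +509,7 @@, `slot->seq_nr = args->csa_sequenceid;` stores a value taken straight from the request, so the slot state is only as sound as the checks in `validate_seqid()`, which is not shown in the quoted part of the patch. A one-line comment next to the assignment stating what `validate_seqid()` guarantees about `args->csa_sequenceid` by this point (non-zero, per the commit message, and the expected next value for the slot) would make that dependency explicit, since the existing comment above it only covers the error case.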