On Mon, 2017-03-06 at 22:29 +0800, Kinglong Mee wrote:
> Because nfs4_opendata_access() has close the state when access is
> denied,
> so the state isn't leak.
> Rather than revert the commit a974deee47, I'd like clean the strange
> state close.
>
> [ 1615.094218] ------------[ cut here ]------------
> [ 1615.094607] WARNING: CPU: 0 PID: 23702 at lib/list_debug.c:31
> __list_add_valid+0x8e/0xa0
> [ 1615.094913] list_add double add: new=ffff9d7901d9f608,
> prev=ffff9d7901d9f608, next=ffff9d7901ee8dd0.
> [ 1615.095458] Modules linked in: nfsv4(E) nfs(E) nfsd(E) tun bridge
> stp llc fuse ip_set nfnetlink vmw_vsock_vmci_transport vsock f2fs
> snd_seq_midi snd_seq_midi_event fscrypto coretemp ppdev
> crct10dif_pclmul crc32_pclmul ghash_clmulni_intel intel_rapl_perf
> vmw_balloon snd_ens1371 joydev gameport snd_ac97_codec ac97_bus
> snd_seq snd_pcm snd_rawmidi snd_timer snd_seq_device snd soundcore
> nfit parport_pc parport acpi_cpufreq tpm_tis tpm_tis_core tpm
> i2c_piix4 vmw_vmci shpchp auth_rpcgss nfs_acl lockd(E) grace
> sunrpc(E) xfs libcrc32c vmwgfx drm_kms_helper ttm drm crc32c_intel
> mptspi e1000 serio_raw scsi_transport_spi mptscsih mptbase
> ata_generic pata_acpi fjes [last unloaded: nfs]
> [ 1615.097663] CPU: 0 PID: 23702 Comm: fstest Tainted:
> G W E 4.11.0-rc1+ #517
> [ 1615.098015] Hardware name: VMware, Inc. VMware Virtual
> Platform/440BX Desktop Reference Platform, BIOS 6.00 07/02/2015
> [ 1615.098807] Call Trace:
> [ 1615.099183] dump_stack+0x63/0x86
> [ 1615.099578] __warn+0xcb/0xf0
> [ 1615.099967] warn_slowpath_fmt+0x5f/0x80
> [ 1615.100370] __list_add_valid+0x8e/0xa0
> [ 1615.100760] nfs4_put_state_owner+0x75/0xc0 [nfsv4]
> [ 1615.101136] __nfs4_close+0x109/0x140 [nfsv4]
> [ 1615.101524] nfs4_close_state+0x15/0x20 [nfsv4]
> [ 1615.101949] nfs4_close_context+0x21/0x30 [nfsv4]
> [ 1615.102691] __put_nfs_open_context+0xb8/0x110 [nfs]
> [ 1615.103155] put_nfs_open_context+0x10/0x20 [nfs]
> [ 1615.103586] nfs4_file_open+0x13b/0x260 [nfsv4]
> [ 1615.103978] do_dentry_open+0x20a/0x2f0
> [ 1615.104369] ? nfs4_copy_file_range+0x30/0x30 [nfsv4]
> [ 1615.104739] vfs_open+0x4c/0x70
> [ 1615.105106] ? may_open+0x5a/0x100
> [ 1615.105469] path_openat+0x623/0x1420
> [ 1615.105823] do_filp_open+0x91/0x100
> [ 1615.106174] ? __alloc_fd+0x3f/0x170
> [ 1615.106568] do_sys_open+0x130/0x220
> [ 1615.106920] ? __put_cred+0x3d/0x50
> [ 1615.107256] SyS_open+0x1e/0x20
> [ 1615.107588] entry_SYSCALL_64_fastpath+0x1a/0xa9
> [ 1615.107922] RIP: 0033:0x7fab599069b0
> [ 1615.108247] RSP: 002b:00007ffcf0600d78 EFLAGS: 00000246 ORIG_RAX:
> 0000000000000002
> [ 1615.108575] RAX: ffffffffffffffda RBX: 00007fab59bcfae0 RCX:
> 00007fab599069b0
> [ 1615.108896] RDX: 0000000000000200 RSI: 0000000000000200 RDI:
> 00007ffcf060255e
> [ 1615.109211] RBP: 0000000000040010 R08: 0000000000000000 R09:
> 0000000000000016
> [ 1615.109515] R10: 00000000000006a1 R11: 0000000000000246 R12:
> 0000000000041000
> [ 1615.109806] R13: 0000000000040010 R14: 0000000000001000 R15:
> 0000000000002710
> [ 1615.110152] ---[ end trace 96ed63b1306bf2f3 ]---
>
> Fixes: a974deee47 ("NFSv4: Fix memory and state leak in...")
> Signed-off-by: Kinglong Mee <kinglongmee@xxxxxxxxx>
> ---
> fs/nfs/nfs4proc.c | 2 --
> 1 file changed, 2 deletions(-)
>
> diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
> index 1b18368..c1f5369 100644
> --- a/fs/nfs/nfs4proc.c
> +++ b/fs/nfs/nfs4proc.c
> @@ -2258,8 +2258,6 @@ static int nfs4_opendata_access(struct rpc_cred
> *cred,
> if ((mask & ~cache.mask & (MAY_READ | MAY_EXEC)) == 0)
> return 0;
>
> - /* even though OPEN succeeded, access is denied. Close the
> file */
> - nfs4_close_state(state, fmode);
> return -EACCES;
> }
>
Looks good.
--
Trond Myklebust
Linux NFS client maintainer, PrimaryData
trond.myklebust@xxxxxxxxxxxxxxx
��.n��������+%�������w��{.n�����{��w����jg���������ݢj�����G��������j:+v���w�m������w�������h�����٥
