From: Trond Myklebust <trondmy@primarydata.com>
To: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"gregkh@linuxfoundation.org" <gregkh@linuxfoundation.org>
Cc: "kinglongmee@gmail.com" <kinglongmee@gmail.com>,
"Anna.Schumaker@Netapp.com" <Anna.Schumaker@Netapp.com>,
Trond Myklebust <trondmy@primarydata.com>,
"stable@vger.kernel.org" <stable@vger.kernel.org>
Subject: Re: [PATCH 3.18 14/36] NFSv4: fix a reference leak caused WARNING messages
Date: Mon, 3 Jul 2017 14:33:29 +0000 [thread overview]
Message-ID: <1499092406.79205.1.camel@primarydata.com> (raw)
In-Reply-To: <20170703133256.886693680@linuxfoundation.org>
Hi Greg,
On Mon, 2017-07-03 at 15:34 +0200, Greg Kroah-Hartman wrote:
> 3.18-stable review patch. If anyone has any objections, please let
> me know.
I cannot find commit a974deee477af89411e0f80456bfb344ac433c98 in
v3.18.59, so I think we should probably drop this patch instance.
Thanks for applying it to the newer stable kernels!
Cheers
Trond
>
> ------------------
>
> From: Kinglong Mee <kinglongmee@gmail.com>
>
> commit 366a1569bff3fe14abfdf9285e31e05e091745f5 upstream.
>
> Because nfs4_opendata_access() has close the state when access is
> denied,
> so the state isn't leak.
> Rather than revert the commit a974deee47, I'd like clean the strange
> state close.
>
> [ 1615.094218] ------------[ cut here ]------------
> [ 1615.094607] WARNING: CPU: 0 PID: 23702 at lib/list_debug.c:31
> __list_add_valid+0x8e/0xa0
> [ 1615.094913] list_add double add: new=ffff9d7901d9f608,
> prev=ffff9d7901d9f608, next=ffff9d7901ee8dd0.
> [ 1615.095458] Modules linked in: nfsv4(E) nfs(E) nfsd(E) tun bridge
> stp llc fuse ip_set nfnetlink vmw_vsock_vmci_transport vsock f2fs
> snd_seq_midi snd_seq_midi_event fscrypto coretemp ppdev
> crct10dif_pclmul crc32_pclmul ghash_clmulni_intel intel_rapl_perf
> vmw_balloon snd_ens1371 joydev gameport snd_ac97_codec ac97_bus
> snd_seq snd_pcm snd_rawmidi snd_timer snd_seq_device snd soundcore
> nfit parport_pc parport acpi_cpufreq tpm_tis tpm_tis_core tpm
> i2c_piix4 vmw_vmci shpchp auth_rpcgss nfs_acl lockd(E) grace
> sunrpc(E) xfs libcrc32c vmwgfx drm_kms_helper ttm drm crc32c_intel
> mptspi e1000 serio_raw scsi_transport_spi mptscsih mptbase
> ata_generic pata_acpi fjes [last unloaded: nfs]
> [ 1615.097663] CPU: 0 PID: 23702 Comm: fstest Tainted:
> G W E 4.11.0-rc1+ #517
> [ 1615.098015] Hardware name: VMware, Inc. VMware Virtual
> Platform/440BX Desktop Reference Platform, BIOS 6.00 07/02/2015
> [ 1615.098807] Call Trace:
> [ 1615.099183] dump_stack+0x63/0x86
> [ 1615.099578] __warn+0xcb/0xf0
> [ 1615.099967] warn_slowpath_fmt+0x5f/0x80
> [ 1615.100370] __list_add_valid+0x8e/0xa0
> [ 1615.100760] nfs4_put_state_owner+0x75/0xc0 [nfsv4]
> [ 1615.101136] __nfs4_close+0x109/0x140 [nfsv4]
> [ 1615.101524] nfs4_close_state+0x15/0x20 [nfsv4]
> [ 1615.101949] nfs4_close_context+0x21/0x30 [nfsv4]
> [ 1615.102691] __put_nfs_open_context+0xb8/0x110 [nfs]
> [ 1615.103155] put_nfs_open_context+0x10/0x20 [nfs]
> [ 1615.103586] nfs4_file_open+0x13b/0x260 [nfsv4]
> [ 1615.103978] do_dentry_open+0x20a/0x2f0
> [ 1615.104369] ? nfs4_copy_file_range+0x30/0x30 [nfsv4]
> [ 1615.104739] vfs_open+0x4c/0x70
> [ 1615.105106] ? may_open+0x5a/0x100
> [ 1615.105469] path_openat+0x623/0x1420
> [ 1615.105823] do_filp_open+0x91/0x100
> [ 1615.106174] ? __alloc_fd+0x3f/0x170
> [ 1615.106568] do_sys_open+0x130/0x220
> [ 1615.106920] ? __put_cred+0x3d/0x50
> [ 1615.107256] SyS_open+0x1e/0x20
> [ 1615.107588] entry_SYSCALL_64_fastpath+0x1a/0xa9
> [ 1615.107922] RIP: 0033:0x7fab599069b0
> [ 1615.108247] RSP: 002b:00007ffcf0600d78 EFLAGS: 00000246 ORIG_RAX:
> 0000000000000002
> [ 1615.108575] RAX: ffffffffffffffda RBX: 00007fab59bcfae0 RCX:
> 00007fab599069b0
> [ 1615.108896] RDX: 0000000000000200 RSI: 0000000000000200 RDI:
> 00007ffcf060255e
> [ 1615.109211] RBP: 0000000000040010 R08: 0000000000000000 R09:
> 0000000000000016
> [ 1615.109515] R10: 00000000000006a1 R11: 0000000000000246 R12:
> 0000000000041000
> [ 1615.109806] R13: 0000000000040010 R14: 0000000000001000 R15:
> 0000000000002710
> [ 1615.110152] ---[ end trace 96ed63b1306bf2f3 ]---
>
> Fixes: a974deee47 ("NFSv4: Fix memory and state leak in...")
> Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
> Cc: Trond Myklebust <trond.myklebust@primarydata.com>
> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
>
> ---
> fs/nfs/nfs4proc.c | 2 --
> 1 file changed, 2 deletions(-)
>
> --- a/fs/nfs/nfs4proc.c
> +++ b/fs/nfs/nfs4proc.c
> @@ -1995,8 +1995,6 @@ static int nfs4_opendata_access(struct r
> if ((mask & ~cache.mask & (MAY_READ | MAY_EXEC)) == 0)
> return 0;
>
> - /* even though OPEN succeeded, access is denied. Close the
> file */
> - nfs4_close_state(state, fmode);
> return -EACCES;
> }
>
>
>
--
Trond Myklebust
Linux NFS client maintainer, PrimaryData
trond.myklebust@primarydata.com
next prev parent reply other threads:[~2017-07-03 14:33 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-03 13:33 [PATCH 3.18 00/36] 3.18.60-stable review Greg Kroah-Hartman
2017-07-03 13:33 ` [PATCH 3.18 01/36] xhci: fix deadlock at host remove by running watchdog correctly Greg Kroah-Hartman
2017-07-03 13:33 ` [PATCH 3.18 02/36] ipv6: release dst on error in ip6_dst_lookup_tail Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 03/36] netfilter: xt_TCPMSS: add more sanity tests on tcph->doff Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 04/36] netfilter: synproxy: fix conntrackd interaction Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 05/36] net: dont call strlen on non-terminated string in dev_set_alias() Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 06/36] decnet: dn_rtmsg: Improve input length sanitization in dnrmg_receive_user_skb Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 07/36] Fix an intermittent pr_emerg warning about lo becoming free Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 08/36] net: caif: Fix a sleep-in-atomic bug in cfpkt_create_pfx Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 09/36] igmp: acquire pmc lock for ip_mc_clear_src() Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 10/36] igmp: add a missing spin_lock_init() Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 11/36] ipv6: fix calling in6_ifa_hold incorrectly for dad work Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 12/36] decnet: always not take dst->__refcnt when inserting dst into hash table Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 13/36] net: 8021q: Fix one possible panic caused by BUG_ON in free_netdev Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 14/36] NFSv4: fix a reference leak caused WARNING messages Greg Kroah-Hartman
2017-07-03 14:33 ` Trond Myklebust [this message]
2017-07-03 15:02 ` gregkh
2017-07-03 15:02 ` gregkh
2017-07-03 13:34 ` [PATCH 3.18 15/36] arm64: cpuinfo: Missing NULL terminator in compat_hwcap_str Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 16/36] MIPS: Avoid accidental raw backtrace Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 17/36] MIPS: pm-cps: Drop manual cache-line alignment of ready_count Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 18/36] MIPS: Fix IRQ tracing & lockdep when rescheduling Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 19/36] ALSA: hda - set input_path bitmap to zero after moving it to new place Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 20/36] drm/vmwgfx: Free hash table allocated by cmdbuf managed res mgr Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 21/36] usb: gadget: f_fs: Fix possibe deadlock Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 22/36] sysctl: enable strict writes Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 23/36] mm: numa: avoid waiting on freed migrated pages Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 25/36] net: korina: Fix NAPI versus resources freeing Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 27/36] xfrm: fix stack access out of bounds with CONFIG_XFRM_SUB_POLICY Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 28/36] xfrm: NULL dereference on allocation failure Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 29/36] xfrm: Oops on error in pfkey_msg2xfrm_state() Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 30/36] watchdog: bcm281xx: Fix use of uninitialized spinlock Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 31/36] ARM: 8685/1: ensure memblock-limit is pmd-aligned Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 32/36] iommu/vt-d: Dont over-free page table directories Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 33/36] iommu/amd: Fix incorrect error handling in amd_iommu_bind_pasid() Greg Kroah-Hartman
2017-07-03 13:34 ` [PATCH 3.18 34/36] cpufreq: s3c2416: double free on driver init error path Greg Kroah-Hartman
2017-07-03 19:34 ` [PATCH 3.18 00/36] 3.18.60-stable review Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1499092406.79205.1.camel@primarydata.com \
--to=trondmy@primarydata.com \
--cc=Anna.Schumaker@Netapp.com \
--cc=gregkh@linuxfoundation.org \
--cc=kinglongmee@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.