* [PATCH] NFSD: Avoid corruption of a referring call list
@ 2025-06-08 22:08 Chuck Lever
2025-06-09 13:37 ` Jeff Layton
0 siblings, 1 reply; 2+ messages in thread
From: Chuck Lever @ 2025-06-08 22:08 UTC (permalink / raw)
To: reviews; +Cc: linux-nfs, Chuck Lever, kernel test robot, Dan Carpenter
From: Chuck Lever <chuck.lever@oracle.com>
The new code neglects to remove a freshly-allocated RCL from the
callback's referring call list when no matching referring call is
found.
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
Closes: https://lore.kernel.org/r/202505171002.cE46sdj5-lkp@intel.com/
Fixes: 4f3c8d8c9e10 ("NFSD: Implement CB_SEQUENCE referring call lists")
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---
fs/nfsd/nfs4callback.c | 1 +
1 file changed, 1 insertion(+)
I don't recall seeing this on the mailing list. Targeting this
one for nfsd-fixes.
diff --git a/fs/nfsd/nfs4callback.c b/fs/nfsd/nfs4callback.c
index ccb00aa93be0..e00b2aea8da2 100644
--- a/fs/nfsd/nfs4callback.c
+++ b/fs/nfsd/nfs4callback.c
@@ -1409,6 +1409,7 @@ void nfsd41_cb_referring_call(struct nfsd4_callback *cb,
out:
if (!rcl->__nr_referring_calls) {
cb->cb_nr_referring_call_list--;
+ list_del(&rcl->__list);
kfree(rcl);
}
}
--
2.49.0
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] NFSD: Avoid corruption of a referring call list
2025-06-08 22:08 [PATCH] NFSD: Avoid corruption of a referring call list Chuck Lever
@ 2025-06-09 13:37 ` Jeff Layton
0 siblings, 0 replies; 2+ messages in thread
From: Jeff Layton @ 2025-06-09 13:37 UTC (permalink / raw)
To: Chuck Lever, reviews
Cc: linux-nfs, Chuck Lever, kernel test robot, Dan Carpenter
On Sun, 2025-06-08 at 18:08 -0400, Chuck Lever wrote:
> From: Chuck Lever <chuck.lever@oracle.com>
>
> The new code neglects to remove a freshly-allocated RCL from the
> callback's referring call list when no matching referring call is
> found.
>
> Reported-by: kernel test robot <lkp@intel.com>
> Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
> Closes: https://lore.kernel.org/r/202505171002.cE46sdj5-lkp@intel.com/
> Fixes: 4f3c8d8c9e10 ("NFSD: Implement CB_SEQUENCE referring call lists")
> Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
> ---
> fs/nfsd/nfs4callback.c | 1 +
> 1 file changed, 1 insertion(+)
>
> I don't recall seeing this on the mailing list. Targeting this
> one for nfsd-fixes.
>
>
> diff --git a/fs/nfsd/nfs4callback.c b/fs/nfsd/nfs4callback.c
> index ccb00aa93be0..e00b2aea8da2 100644
> --- a/fs/nfsd/nfs4callback.c
> +++ b/fs/nfsd/nfs4callback.c
> @@ -1409,6 +1409,7 @@ void nfsd41_cb_referring_call(struct nfsd4_callback *cb,
> out:
> if (!rcl->__nr_referring_calls) {
> cb->cb_nr_referring_call_list--;
> + list_del(&rcl->__list);
> kfree(rcl);
> }
> }
Nice catch.
Reviewed-by: Jeff Layton <jlayton@kernel.org>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-06-09 13:37 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-06-08 22:08 [PATCH] NFSD: Avoid corruption of a referring call list Chuck Lever
2025-06-09 13:37 ` Jeff Layton
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox