Commit 34b09af4 authored by J. Bruce Fields, committed by Chuck Lever

nfsd: fix oops on mixed NFSv4/NFSv3 client access

If an NFSv2/v3 client breaks an NFSv4 client's delegation, it will hit a
NULL dereference in nfsd_breaker_owns_lease().

Easily reproducible with for example

	mount -overs=4.2 server:/export /mnt/
	sleep 1h </mnt/file &
	mount -overs=3 server:/export /mnt2/
	touch /mnt2/file

Reported-by: Robert Dinse <nanook@eskimo.com>
Fixes: 28df3d15 ("nfsd: clients don't need to break their own delegations")
BugLink: https://bugzilla.kernel.org/show_bug.cgi?id=208807
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
parent 9123e3a7
...@@ -4597,6 +4597,8 @@ static bool nfsd_breaker_owns_lease(struct file_lock *fl) ...@@ -4597,6 +4597,8 @@ static bool nfsd_breaker_owns_lease(struct file_lock *fl)
if (!i_am_nfsd()) if (!i_am_nfsd())
return NULL; return NULL;
rqst = kthread_data(current); rqst = kthread_data(current);
if (!rqst->rq_lease_breaker)
return NULL;
clp = *(rqst->rq_lease_breaker); clp = *(rqst->rq_lease_breaker);
return dl->dl_stid.sc_client == clp; return dl->dl_stid.sc_client == clp;
} }
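Review bot: The added early exit in nfsd_breaker_owns_lease() uses `return NULL;` in a function declared `static bool`; it should be `return false;`, and the existing `if (!i_am_nfsd()) return NULL;` just above has the same mismatch and could be corrected in the same pass. The check itself sits in the right place, directly before `clp = *(rqst->rq_lease_breaker);`, which is the dereference that faults. It does depend on rq_lease_breaker being NULL whenever the nfsd thread is serving a non-NFSv4 request, and nothing in this hunk shows where the field is cleared, so it is worth confirming that a thread which previously handled an NFSv4 request cannot arrive here with a stale pointer. A one-line comment above the new check saying that NULL means the breaker is not an NFSv4 client would make that contract explicit.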