[1/5] nfsd: Fix a file leak of ls_file if nfsd4_layout_setlease fails

Message ID 559672B7.4010802@gmail.com (mailing list archive)
State New, archived

Commit Message

Kinglong Mee July 3, 2015, 11:32 a.m. UTC
If nfsd4_layout_setlease fails, nfsd will not put ls->ls_file.

Fix commit c5c707f96f "nfsd: implement pNFS layout recalls".

Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
---
 fs/nfsd/nfs4layouts.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

Comments

J. Bruce Fields July 8, 2015, 9:30 p.m. UTC | #1
On Fri, Jul 03, 2015 at 07:32:07PM +0800, Kinglong Mee wrote:
> If nfsd4_layout_setlease fails, nfsd will not put ls->ls_file.
> 
> Fix commit c5c707f96f "nfsd: implement pNFS layout recalls".
> 
> Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
> ---
>  fs/nfsd/nfs4layouts.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/fs/nfsd/nfs4layouts.c b/fs/nfsd/nfs4layouts.c
> index 6904213..367a65a 100644
> --- a/fs/nfsd/nfs4layouts.c
> +++ b/fs/nfsd/nfs4layouts.c
> @@ -212,8 +212,7 @@ nfsd4_alloc_layout_stateid(struct nfsd4_compound_state *cstate,
>  	BUG_ON(!ls->ls_file);
>  
>  	if (nfsd4_layout_setlease(ls)) {
> -		put_nfs4_file(fp);
> -		kmem_cache_free(nfs4_layout_stateid_cache, ls);
> +		nfs4_put_stid(stp);

Hm, is the stateid really completely enough set up that this is safe?

Looking at nfsd4_free_layout_stateid.... OK, the unnecessary lease
unlock and tracepoint are a bit ugly but I guess we can live with those.

--b.

>  		return NULL;
>  	}
>  
> -- 
> 2.4.3
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Christoph Hellwig July 9, 2015, 8:12 a.m. UTC | #2
On Wed, Jul 08, 2015 at 05:30:15PM -0400, J. Bruce Fields wrote:
> Hm, is the stateid really completely enough set up that this is safe?

It's not.  nfsd4_free_layout_stateid unconditionally deletes
from the per-client and per-file lists which are empty at this
point.  Just adding an explicit fput would be the better fix.
Kinglong Mee July 9, 2015, 9:31 a.m. UTC | #3
On 7/9/2015 16:12, Christoph Hellwig wrote:
> On Wed, Jul 08, 2015 at 05:30:15PM -0400, J. Bruce Fields wrote:
>> Hm, is the stateid really completely enough set up that this is safe?
> 
> It's not.  nfsd4_free_layout_stateid unconditionally deletes
> from the per-client and per-file lists which are empty at this
> point.  Just adding an explicit fput would be the better fix.
> 

Got it.

thanks,
Kinglong Mee
Patch

diff --git a/fs/nfsd/nfs4layouts.c b/fs/nfsd/nfs4layouts.c
index 6904213..367a65a 100644
--- a/fs/nfsd/nfs4layouts.c
+++ b/fs/nfsd/nfs4layouts.c
@@ -212,8 +212,7 @@  nfsd4_alloc_layout_stateid(struct nfsd4_compound_state *cstate,
 	BUG_ON(!ls->ls_file);
 
 	if (nfsd4_layout_setlease(ls)) {
-		put_nfs4_file(fp);
-		kmem_cache_free(nfs4_layout_stateid_cache, ls);
+		nfs4_put_stid(stp);
 		return NULL;
 	}
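
Review bot: on the nfsd4_layout_setlease() failure branch, nfs4_put_stid(stp) sends a stateid that was only just allocated through the full stateid release path, which is more than this error path needs in order to drop ls->ls_file. As the replies in this thread point out, nfsd4_free_layout_stateid unconditionally deletes from the per-client and per-file lists, which are still empty at this point, and it also runs a lease unlock and tracepoint for a lease that was never set. A narrower change would keep `put_nfs4_file(fp);` and `kmem_cache_free(nfs4_layout_stateid_cache, ls);` and add an explicit `fput(ls->ls_file);` ahead of them, so that only what was acquired before the failure is released. The reference to c5c707f96f in the commit message would also be easier to track as a Fixes: tag.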