From 80b979c1bec21a76913c056ab0a024e41eab0857 Mon Sep 17 00:00:00 2001
From: Scott Mayhew <smayhew@redhat.com>
Date: Mon, 27 Jun 2022 17:31:29 -0400
Subject: [PATCH] NFSv4: Add an fattr allocation to _nfs4_discover_trunking()
This was missed in c3ed222745d9 ("NFSv4: Fix free of uninitialized
nfs4_label on referral lookup.") and causes a panic when mounting
with '-o trunkdiscovery':
PID: 1604 TASK: ffff93dac3520000 CPU: 3 COMMAND: "mount.nfs"
#0 [ffffb79140f738f8] machine_kexec at ffffffffaec64bee
#1 [ffffb79140f73950] __crash_kexec at ffffffffaeda67fd
#2 [ffffb79140f73a18] crash_kexec at ffffffffaeda76ed
#3 [ffffb79140f73a30] oops_end at ffffffffaec2658d
#4 [ffffb79140f73a50] general_protection at ffffffffaf60111e
[exception RIP: nfs_fattr_init+0x5]
RIP: ffffffffc0c18265 RSP: ffffb79140f73b08 RFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff93dac304a800 RCX: 0000000000000000
RDX: ffffb79140f73bb0 RSI: ffff93dadc8cbb40 RDI: d03ee11cfaf6bd50
RBP: ffffb79140f73be8 R8: ffffffffc0691560 R9: 0000000000000006
R10: ffff93db3ffd3df8 R11: 0000000000000000 R12: ffff93dac4040000
R13: ffff93dac2848e00 R14: ffffb79140f73b60 R15: ffffb79140f73b30
ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018
#5 [ffffb79140f73b08] _nfs41_proc_get_locations at ffffffffc0c73d53 [nfsv4]
#6 [ffffb79140f73bf0] nfs4_proc_get_locations at ffffffffc0c83e90 [nfsv4]
#7 [ffffb79140f73c60] nfs4_discover_trunking at ffffffffc0c83fb7 [nfsv4]
#8 [ffffb79140f73cd8] nfs_probe_fsinfo at ffffffffc0c0f95f [nfs]
#9 [ffffb79140f73da0] nfs_probe_server at ffffffffc0c1026a [nfs]
RIP: 00007f6254fce26e RSP: 00007ffc69496ac8 RFLAGS: 00000246
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6254fce26e
RDX: 00005600220a82a0 RSI: 00005600220a64d0 RDI: 00005600220a6520
RBP: 00007ffc69496c50 R8: 00005600220a8710 R9: 003035322e323231
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc69496c50
R13: 00005600220a8440 R14: 0000000000000010 R15: 0000560020650ef9
ORIG_RAX: 00000000000000a5 CS: 0033 SS: 002b
Fixes: c3ed222745d9 ("NFSv4: Fix free of uninitialized nfs4_label on referral lookup.")
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
(cherry picked from commit 4f40a5b5544618b096d1611a18219dd91fd57f80)
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
---
fs/nfs/nfs4proc.c | 19 ++++++++++++-------
1 file changed, 12 insertions(+), 7 deletions(-)
@@ -3981,18 +3981,23 @@ static int _nfs4_discover_trunking(struct nfs_server *server,
}
page = alloc_page(GFP_KERNEL);
+ if (!page)
+ return -ENOMEM;
locations = kmalloc(sizeof(struct nfs4_fs_locations), GFP_KERNEL);
- if (page == NULL || locations == NULL)
- goto out;
+ if (!locations)
+ goto out_free;
+ locations->fattr = nfs_alloc_fattr();
+ if (!locations->fattr)
+ goto out_free_2;
status = nfs4_proc_get_locations(server, fhandle, locations, page,
cred);
- if (status)
- goto out;
-out:
- if (page)
- __free_page(page);
+
+ kfree(locations->fattr);
+out_free_2:
kfree(locations);
+out_free:
+ __free_page(page);
return status;
}
--
2.37.3
Hi Greg / Sasha, Can we please pull commit c3ed222745d9 ("NFSv4: Fix free of uninitialized nfs4_label on referral lookup.") into the 5.15.x tree? As far as I can tell, it should apply cleanly on top of v5.15.75. Unfortunately, that commit also contains a bug, which requires us to pull in commit 4f40a5b55446 ("NFSv4: Add an fattr allocation to _nfs4_discover_trunking()"), which does not apply cleanly. I've attached a backported version to this email. I'm seeing the Oops that this commit fixes when I do a NFSv4.2 mount from a NFS client running a 5.15.75 kernel against a server that has referrals configured. The reason is that commit d755ad8dc752 ("NFS: Create a new nfs_alloc_fattr_with_label() function") got pulled into v5.15.46 apparently as part of a dependency. Thanks Trond