2019-08-04 03:50:41

by Trond Myklebust

Subject: [PATCH] NFSv4: Fix an Oops in nfs4_do_setattr

If the user specifies an open mode of 3, then we don't have a NFSv4 state
attached to the context, and so we Oops when we try to dereference it.

Reported-by: Olga Kornievskaia <[email protected]>
Fixes: 29b59f9416937 ("NFSv4: change nfs4_do_setattr to take...")
Signed-off-by: Trond Myklebust <[email protected]>
Cc: [email protected] # v4.10: 991eedb1371dc: NFSv4: Only pass the...
Cc: [email protected] # v4.10+
---
fs/nfs/nfs4proc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index 3e0b93f2b61a..12b2b65ad8a8 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -3214,7 +3214,7 @@ static int _nfs4_do_setattr(struct inode *inode,

if (nfs4_copy_delegation_stateid(inode, FMODE_WRITE, &arg->stateid, &delegation_cred)) {
/* Use that stateid */
- } else if (ctx != NULL) {
+ } else if (ctx != NULL && ctx->state) {
struct nfs_lock_context *l_ctx;
if (!nfs4_valid_open_stateid(ctx->state))
return -EBADF;
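Review bot: the added `ctx->state` test in `} else if (ctx != NULL && ctx->state) {` only guards the dereference in `nfs4_valid_open_stateid(ctx->state)` three lines further down; what the SETATTR uses when a context exists but carries no open state (the else branch) lies outside this hunk, so a short comment at the new condition, or one sentence in the commit message, stating which stateid is sent in that fallback case would make the intent clear to whoever backports this. Minor style point: the line now mixes an explicit `ctx != NULL` with an implicit truth test of `ctx->state`; `ctx->state != NULL` would match the existing form on the same line.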
--
2.21.0


2019-08-05 16:39:22

by Olga Kornievskaia

Subject: Re: [PATCH] NFSv4: Fix an Oops in nfs4_do_setattr

On Sat, Aug 3, 2019 at 10:45 AM Trond Myklebust <[email protected]> wrote:
>
> If the user specifies an open mode of 3, then we don't have a NFSv4 state
> attached to the context, and so we Oops when we try to dereference it.
>
> Reported-by: Olga Kornievskaia <[email protected]>
> Fixes: 29b59f9416937 ("NFSv4: change nfs4_do_setattr to take...")
> Signed-off-by: Trond Myklebust <[email protected]>
> Cc: [email protected] # v4.10: 991eedb1371dc: NFSv4: Only pass the...
> Cc: [email protected] # v4.10+
> ---
> fs/nfs/nfs4proc.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
> index 3e0b93f2b61a..12b2b65ad8a8 100644
> --- a/fs/nfs/nfs4proc.c
> +++ b/fs/nfs/nfs4proc.c
> @@ -3214,7 +3214,7 @@ static int _nfs4_do_setattr(struct inode *inode,
>
> if (nfs4_copy_delegation_stateid(inode, FMODE_WRITE, &arg->stateid, &delegation_cred)) {
> /* Use that stateid */
> - } else if (ctx != NULL) {
> + } else if (ctx != NULL && ctx->state) {
> struct nfs_lock_context *l_ctx;
> if (!nfs4_valid_open_stateid(ctx->state))
> return -EBADF;
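Review bot: since the commit message says the dereference is reached from a user-specified open mode of 3, it would help the stable maintainers if the message (or the Reported-by thread) noted the minimal reproducer used to confirm the oops is gone, so the backports flagged in the Cc: stable lines can be verified the same way; the one-line guard itself is the right minimal fix for the stated case.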

Thank you Trond. No longer oops-ing with this patch.

> --
> 2.21.0
>