| Message ID | 20210309144114.57778-1-olga.kornievskaia@gmail.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [1/1] NFSD: fix dest to src mount in inter-server COPY | expand |
On 3/9/21 6:41 AM, Olga Kornievskaia wrote: > From: Olga Kornievskaia <kolga@netapp.com> > > A cleanup of the inter SSC copy needs to call fput() of the source > file handle to make sure that file structure is freed as well as > drop the reference on the superblock to unmount the source server. Thanks Olga, I tested the patch and verified that the source was unmounted and the file resources were released properly. Tested-by: Dai Ngo <dai.ngo@oracle.com> > > Fixes: 36e1e5ba90fb ("NFSD: Fix use-after-free warning when doing inter-server copy") > Signed-off-by: Olga Kornievskaia <kolga@netapp.com> > --- > fs/nfsd/nfs4proc.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c > index 8d6d2678abad..3581ce737e85 100644 > --- a/fs/nfsd/nfs4proc.c > +++ b/fs/nfsd/nfs4proc.c > @@ -1304,7 +1304,7 @@ nfsd4_cleanup_inter_ssc(struct vfsmount *ss_mnt, struct nfsd_file *src, > struct nfsd_file *dst) > { > nfs42_ssc_close(src->nf_file); > - /* 'src' is freed by nfsd4_do_async_copy */ > + fput(src->nf_file); > nfsd_file_put(dst); > mntput(ss_mnt); > }
> On Mar 9, 2021, at 1:21 PM, Dai Ngo <dai.ngo@oracle.com> wrote: > > On 3/9/21 6:41 AM, Olga Kornievskaia wrote: > >> From: Olga Kornievskaia <kolga@netapp.com> >> >> A cleanup of the inter SSC copy needs to call fput() of the source >> file handle to make sure that file structure is freed as well as >> drop the reference on the superblock to unmount the source server. > > Thanks Olga, I tested the patch and verified that the source was > unmounted and the file resources were released properly. > > Tested-by: Dai Ngo <dai.ngo@oracle.com> Thanks to you both! This has been added to the for-rc topic branch in: git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux.git replacing Dai's earlier patch addressing the same issue. >> Fixes: 36e1e5ba90fb ("NFSD: Fix use-after-free warning when doing inter-server copy") >> Signed-off-by: Olga Kornievskaia <kolga@netapp.com> >> --- >> fs/nfsd/nfs4proc.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c >> index 8d6d2678abad..3581ce737e85 100644 >> --- a/fs/nfsd/nfs4proc.c >> +++ b/fs/nfsd/nfs4proc.c >> @@ -1304,7 +1304,7 @@ nfsd4_cleanup_inter_ssc(struct vfsmount *ss_mnt, struct nfsd_file *src, >> struct nfsd_file *dst) >> { >> nfs42_ssc_close(src->nf_file); >> - /* 'src' is freed by nfsd4_do_async_copy */ >> + fput(src->nf_file); >> nfsd_file_put(dst); >> mntput(ss_mnt); >> } -- Chuck Lever
diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c index 8d6d2678abad..3581ce737e85 100644 --- a/fs/nfsd/nfs4proc.c +++ b/fs/nfsd/nfs4proc.c @@ -1304,7 +1304,7 @@ nfsd4_cleanup_inter_ssc(struct vfsmount *ss_mnt, struct nfsd_file *src, struct nfsd_file *dst) { nfs42_ssc_close(src->nf_file); - /* 'src' is freed by nfsd4_do_async_copy */ + fput(src->nf_file); nfsd_file_put(dst); mntput(ss_mnt); }