Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 437cf4c7 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'nfs-for-3.3-4' of git://git.linux-nfs.org/projects/trondmy/linux-nfs 

Bugfixes for the NFS client.

Fix a nasty Oops in the NFSv4 getacl code, another source of infinite
loops in the NFSv4 state recovery code, and a regression in NFSv4.1
session initialisation.

Also deal with an NFSv4.1 memory leak.

* tag 'nfs-for-3.3-4' of git://git.linux-nfs.org/projects/trondmy/linux-nfs:
  NFSv4: fix server_scope memory leak
  NFSv4.1: Fix a NFSv4.1 session initialisation regression
  NFSv4: Ensure we throw out bad delegation stateids on NFS4ERR_BAD_STATEID
  NFSv4: Fix an Oops in the NFSv4 getacl code
parents 719741d9 abe9a6d5

fs/nfs/nfs4proc.c

+55 −75
Original line number Original line Diff line number Diff line
@@ -3575,8 +3575,8 @@ static ssize_t __nfs4_get_acl_uncached(struct inode *inode, void *buf, size_t bu 
	}

	}

	if (npages > 1) {

	if (npages > 1) {

		/* for decoding across pages */

		/* for decoding across pages */

		args.acl_scratch = alloc_page(GFP_KERNEL);

		res.acl_scratch = alloc_page(GFP_KERNEL);

		if (!args.acl_scratch)

		if (!res.acl_scratch)

			goto out_free;

			goto out_free;

	}

	}

	args.acl_len = npages * PAGE_SIZE;

	args.acl_len = npages * PAGE_SIZE;
@@ -3612,8 +3612,8 @@ static ssize_t __nfs4_get_acl_uncached(struct inode *inode, void *buf, size_t bu 
	for (i = 0; i < npages; i++)

	for (i = 0; i < npages; i++)

		if (pages[i])

		if (pages[i])

			__free_page(pages[i]);

			__free_page(pages[i]);

	if (args.acl_scratch)

	if (res.acl_scratch)

		__free_page(args.acl_scratch);

		__free_page(res.acl_scratch);

	return ret;

	return ret;

}

}
@@ -4883,8 +4883,10 @@ int nfs4_proc_exchange_id(struct nfs_client *clp, struct rpc_cred *cred) 
				clp->cl_rpcclient->cl_auth->au_flavor);

				clp->cl_rpcclient->cl_auth->au_flavor);





	res.server_scope = kzalloc(sizeof(struct server_scope), GFP_KERNEL);

	res.server_scope = kzalloc(sizeof(struct server_scope), GFP_KERNEL);

	if (unlikely(!res.server_scope))

	if (unlikely(!res.server_scope)) {

		return -ENOMEM;

		status = -ENOMEM;

		goto out;

	}





	status = rpc_call_sync(clp->cl_rpcclient, &msg, RPC_TASK_TIMEOUT);

	status = rpc_call_sync(clp->cl_rpcclient, &msg, RPC_TASK_TIMEOUT);

	if (!status)

	if (!status)
@@ -4901,12 +4903,13 @@ int nfs4_proc_exchange_id(struct nfs_client *clp, struct rpc_cred *cred) 
			clp->server_scope = NULL;

			clp->server_scope = NULL;

		}

		}





		if (!clp->server_scope)

		if (!clp->server_scope) {

			clp->server_scope = res.server_scope;

			clp->server_scope = res.server_scope;

		else

			goto out;

			kfree(res.server_scope);

		}

		}



	}

	kfree(res.server_scope);

out:

	dprintk("<-- %s status= %d\n", __func__, status);

	dprintk("<-- %s status= %d\n", __func__, status);

	return status;

	return status;

}

}
@@ -5008,37 +5011,53 @@ int nfs4_proc_get_lease_time(struct nfs_client *clp, struct nfs_fsinfo *fsinfo) 
	return status;

	return status;

}

}





static struct nfs4_slot *nfs4_alloc_slots(u32 max_slots, gfp_t gfp_flags)

{

	return kcalloc(max_slots, sizeof(struct nfs4_slot), gfp_flags);

}



static void nfs4_add_and_init_slots(struct nfs4_slot_table *tbl,

		struct nfs4_slot *new,

		u32 max_slots,

		u32 ivalue)

{

	struct nfs4_slot *old = NULL;

	u32 i;



	spin_lock(&tbl->slot_tbl_lock);

	if (new) {

		old = tbl->slots;

		tbl->slots = new;

		tbl->max_slots = max_slots;

	}

	tbl->highest_used_slotid = -1;	/* no slot is currently used */

	for (i = 0; i < tbl->max_slots; i++)

		tbl->slots[i].seq_nr = ivalue;

	spin_unlock(&tbl->slot_tbl_lock);

	kfree(old);

}



/*

/*

 * Reset a slot table

 * (re)Initialise a slot table

 */

 */

static int nfs4_reset_slot_table(struct nfs4_slot_table *tbl, u32 max_reqs,

static int nfs4_realloc_slot_table(struct nfs4_slot_table *tbl, u32 max_reqs,

				 int ivalue)

				 u32 ivalue)

{

{

	struct nfs4_slot *new = NULL;

	struct nfs4_slot *new = NULL;

	int i;

	int ret = -ENOMEM;

	int ret = 0;





	dprintk("--> %s: max_reqs=%u, tbl->max_slots %d\n", __func__,

	dprintk("--> %s: max_reqs=%u, tbl->max_slots %d\n", __func__,

		max_reqs, tbl->max_slots);

		max_reqs, tbl->max_slots);





	/* Does the newly negotiated max_reqs match the existing slot table? */

	/* Does the newly negotiated max_reqs match the existing slot table? */

	if (max_reqs != tbl->max_slots) {

	if (max_reqs != tbl->max_slots) {

		ret = -ENOMEM;

		new = nfs4_alloc_slots(max_reqs, GFP_NOFS);

		new = kmalloc(max_reqs * sizeof(struct nfs4_slot),

			      GFP_NOFS);

		if (!new)

		if (!new)

			goto out;

			goto out;

		ret = 0;

		kfree(tbl->slots);

	}

	spin_lock(&tbl->slot_tbl_lock);

	if (new) {

		tbl->slots = new;

		tbl->max_slots = max_reqs;

	}

	}

	for (i = 0; i < tbl->max_slots; ++i)

	ret = 0;

		tbl->slots[i].seq_nr = ivalue;



	spin_unlock(&tbl->slot_tbl_lock);

	nfs4_add_and_init_slots(tbl, new, max_reqs, ivalue);

	dprintk("%s: tbl=%p slots=%p max_slots=%d\n", __func__,

	dprintk("%s: tbl=%p slots=%p max_slots=%d\n", __func__,

		tbl, tbl->slots, tbl->max_slots);

		tbl, tbl->slots, tbl->max_slots);

out:

out:
@@ -5060,36 +5079,6 @@ static void nfs4_destroy_slot_tables(struct nfs4_session *session) 
	return;

	return;

}

}





/*

 * Initialize slot table

 */

static int nfs4_init_slot_table(struct nfs4_slot_table *tbl,

		int max_slots, int ivalue)

{

	struct nfs4_slot *slot;

	int ret = -ENOMEM;



	BUG_ON(max_slots > NFS4_MAX_SLOT_TABLE);



	dprintk("--> %s: max_reqs=%u\n", __func__, max_slots);



	slot = kcalloc(max_slots, sizeof(struct nfs4_slot), GFP_NOFS);

	if (!slot)

		goto out;

	ret = 0;



	spin_lock(&tbl->slot_tbl_lock);

	tbl->max_slots = max_slots;

	tbl->slots = slot;

	tbl->highest_used_slotid = -1;  /* no slot is currently used */

	spin_unlock(&tbl->slot_tbl_lock);

	dprintk("%s: tbl=%p slots=%p max_slots=%d\n", __func__,

		tbl, tbl->slots, tbl->max_slots);

out:

	dprintk("<-- %s: return %d\n", __func__, ret);

	return ret;

}



/*

/*

 * Initialize or reset the forechannel and backchannel tables

 * Initialize or reset the forechannel and backchannel tables

 */

 */
@@ -5101,25 +5090,16 @@ static int nfs4_setup_session_slot_tables(struct nfs4_session *ses) 
	dprintk("--> %s\n", __func__);

	dprintk("--> %s\n", __func__);

	/* Fore channel */

	/* Fore channel */

	tbl = &ses->fc_slot_table;

	tbl = &ses->fc_slot_table;

	if (tbl->slots == NULL) {

	status = nfs4_realloc_slot_table(tbl, ses->fc_attrs.max_reqs, 1);

		status = nfs4_init_slot_table(tbl, ses->fc_attrs.max_reqs, 1);

	if (status) /* -ENOMEM */

	if (status) /* -ENOMEM */

		return status;

		return status;

	} else {

		status = nfs4_reset_slot_table(tbl, ses->fc_attrs.max_reqs, 1);

		if (status)

			return status;

	}

	/* Back channel */

	/* Back channel */

	tbl = &ses->bc_slot_table;

	tbl = &ses->bc_slot_table;

	if (tbl->slots == NULL) {

	status = nfs4_realloc_slot_table(tbl, ses->bc_attrs.max_reqs, 0);

		status = nfs4_init_slot_table(tbl, ses->bc_attrs.max_reqs, 0);

	if (status && tbl->slots == NULL)

		if (status)

		/* Fore and back channel share a connection so get

		/* Fore and back channel share a connection so get

		 * both slot tables or neither */

		 * both slot tables or neither */

		nfs4_destroy_slot_tables(ses);

		nfs4_destroy_slot_tables(ses);

	} else

		status = nfs4_reset_slot_table(tbl, ses->bc_attrs.max_reqs, 0);

	return status;

	return status;

}

}

fs/nfs/nfs4state.c

+2 −0
Original line number Original line Diff line number Diff line
@@ -1132,6 +1132,8 @@ void nfs4_schedule_stateid_recovery(const struct nfs_server *server, struct nfs4 
{

{

	struct nfs_client *clp = server->nfs_client;

	struct nfs_client *clp = server->nfs_client;





	if (test_and_clear_bit(NFS_DELEGATED_STATE, &state->flags))

		nfs_async_inode_return_delegation(state->inode, &state->stateid);

	nfs4_state_mark_reclaim_nograce(clp, state);

	nfs4_state_mark_reclaim_nograce(clp, state);

	nfs4_schedule_state_manager(clp);

	nfs4_schedule_state_manager(clp);

}

}

fs/nfs/nfs4xdr.c

+4 −1
Original line number Original line Diff line number Diff line
@@ -2522,7 +2522,6 @@ static void nfs4_xdr_enc_getacl(struct rpc_rqst *req, struct xdr_stream *xdr, 




	xdr_inline_pages(&req->rq_rcv_buf, replen << 2,

	xdr_inline_pages(&req->rq_rcv_buf, replen << 2,

		args->acl_pages, args->acl_pgbase, args->acl_len);

		args->acl_pages, args->acl_pgbase, args->acl_len);

	xdr_set_scratch_buffer(xdr, page_address(args->acl_scratch), PAGE_SIZE);





	encode_nops(&hdr);

	encode_nops(&hdr);

}

}
@@ -6032,6 +6031,10 @@ nfs4_xdr_dec_getacl(struct rpc_rqst *rqstp, struct xdr_stream *xdr, 
	struct compound_hdr hdr;

	struct compound_hdr hdr;

	int status;

	int status;





	if (res->acl_scratch != NULL) {

		void *p = page_address(res->acl_scratch);

		xdr_set_scratch_buffer(xdr, p, PAGE_SIZE);

	}

	status = decode_compound_hdr(xdr, &hdr);

	status = decode_compound_hdr(xdr, &hdr);

	if (status)

	if (status)

		goto out;

		goto out;

include/linux/nfs_xdr.h

+1 −1
Original line number Original line Diff line number Diff line
@@ -614,7 +614,6 @@ struct nfs_getaclargs { 
	size_t				acl_len;

	size_t				acl_len;

	unsigned int			acl_pgbase;

	unsigned int			acl_pgbase;

	struct page **			acl_pages;

	struct page **			acl_pages;

	struct page *			acl_scratch;

	struct nfs4_sequence_args 	seq_args;

	struct nfs4_sequence_args 	seq_args;

};

};
@@ -624,6 +623,7 @@ struct nfs_getaclres { 
	size_t				acl_len;

	size_t				acl_len;

	size_t				acl_data_offset;

	size_t				acl_data_offset;

	int				acl_flags;

	int				acl_flags;

	struct page *			acl_scratch;

	struct nfs4_sequence_res	seq_res;

	struct nfs4_sequence_res	seq_res;

};

};