Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d48e82da authored by Benjamin Coddington's avatar Benjamin Coddington Committed by Sasha Levin
Browse files

nfs4: start callback_ident at idr 1 



[ Upstream commit c68a027c05709330fe5b2f50c50d5fa02124b5d8 ]

If clp->cl_cb_ident is zero, then nfs_cb_idr_remove_locked() skips removing
it when the nfs_client is freed.  A decoding or server bug can then find
and try to put that first nfs_client which would lead to a crash.

Signed-off-by: default avatarBenjamin Coddington <bcodding@redhat.com>
Fixes: d6870312 ("nfs4client: convert to idr_alloc()")
Cc: stable@vger.kernel.org
Signed-off-by: default avatarTrond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: default avatarSasha Levin <sasha.levin@oracle.com>
parent e46b3f45
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment