Message-ID: <4A664A76.5000902@garzik.org>
Date:	Tue, 21 Jul 2009 19:08:38 -0400
From:	Jeff Garzik <jeff@...zik.org>
To:	Trond Myklebust <Trond.Myklebust@...app.com>
CC:	LKML <linux-kernel@...r.kernel.org>,
	Linux NFS ML <linux-nfs@...r.kernel.org>,
	"Rafael J. Wysocki" <rjw@...k.pl>,
	Linus Torvalds <torvalds@...ux-foundation.org>
Subject: Re: 2.6.31-rc3 nfsv4 client regression (oops)

Trond Myklebust wrote:
> NFSv4: Fix an Oops in nfs4_free_lock_state
> 
> The oops http://www.kerneloops.org/raw.php?rawid=537858&msgid= appears to
> be due to the nfs4_lock_state->ls_state field being uninitialised. This
> happens if the call to nfs4_free_lock_state() is triggered at the end of
> nfs4_get_lock_state().
> 
> The fix is to move the initialisation of ls_state into the allocator.
> 
> Signed-off-by: Trond Myklebust <Trond.Myklebust@...app.com>
> ---
> 
>  fs/nfs/nfs4state.c |    2 +-
>  1 files changed, 1 insertions(+), 1 deletions(-)
> 
> 
> diff --git a/fs/nfs/nfs4state.c b/fs/nfs/nfs4state.c
> index b73c5a7..65ca8c1 100644
> --- a/fs/nfs/nfs4state.c
> +++ b/fs/nfs/nfs4state.c
> @@ -553,6 +553,7 @@ static struct nfs4_lock_state *nfs4_alloc_lock_state(struct nfs4_state *state, f
>  	INIT_LIST_HEAD(&lsp->ls_sequence.list);
>  	lsp->ls_seqid.sequence = &lsp->ls_sequence;
>  	atomic_set(&lsp->ls_count, 1);
> +	lsp->ls_state = state;
>  	lsp->ls_owner = fl_owner;
>  	spin_lock(&clp->cl_lock);
>  	nfs_alloc_unique_id(&clp->cl_lockowner_id, &lsp->ls_id, 1, 64);
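
Review bot: The added `lsp->ls_state = state;` in nfs4_alloc_lock_state() carries no comment explaining why the assignment has to live in the allocator. Per the changelog, nfs4_free_lock_state() can be triggered at the end of nfs4_get_lock_state() on an object for which the old assignment never ran, so a one-line comment here stating that ls_state must be valid before any call to the free routine would keep a later cleanup from moving the assignment back out.
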
> @@ -587,7 +588,6 @@ static struct nfs4_lock_state *nfs4_get_lock_state(struct nfs4_state *state, fl_
>  		if (lsp != NULL)
>  			break;
>  		if (new != NULL) {
> -			new->ls_state = state;
>  			list_add(&new->ls_locks, &state->lock_states);
>  			set_bit(LK_STATE_IN_USE, &state->flags);
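
Review bot: With `new->ls_state = state;` dropped from the `if (new != NULL)` branch, this path now relies on `new` having been allocated with the same `state` that `list_add(&new->ls_locks, &state->lock_states);` links it under. The allocation call is outside the quoted context, so the changelog should say that nfs4_alloc_lock_state() is only ever called with this function's own `state` argument, which is what makes the removal safe.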

Ping?  This is headed upstream, right?

This oops fix has lived outside the tree for at least a week now, and 
IMO needs to move upstream...

	Jeff


