[Devel] [PATCH RH7] nfs: remove excess dput in nfs_prime_dcache
Pavel Tikhomirov
ptikhomirov at virtuozzo.com
Thu Aug 11 16:54:55 MSK 2022
Imagine code path:
static
void nfs_prime_dcache(struct dentry *parent, struct nfs_entry *entry)
{
...
dentry = d_lookup(parent, &filename); // get non-null dentry
if (dentry != NULL) { // true
/* Is there a mountpoint here? If so, just exit */
if (!nfs_fsid_equal(&NFS_SB(dentry->d_sb)->fsid,
&entry->fattr->fsid)) // false
goto out;
if (nfs_same_file(dentry, entry)) { // false
if (!entry->fh->size)
goto out;
nfs_set_verifier(dentry, nfs_save_change_attribute(dir));
status = nfs_refresh_inode(dentry->d_inode, entry->fattr);
if (!status)
nfs_setsecurity(dentry->d_inode, entry->fattr, entry->label);
goto out;
} else {
if (d_invalidate(dentry) != 0) // false
goto out;
dput(dentry); // put dentry first time
}
}
if (!entry->fh->size) // true
goto out;
...
out:
dput(dentry); // put dentry second time
}
Because of this excess dput we get a crash in __put_nfs_open_context
as ctx->dentry->inode becomes zero.
Problem appeared due to bad port of [1] in RHEL.
7dc72d5f7a0e ("NFS: Fix inode corruption in nfs_prime_dcache()") [1]
https://jira.sw.ru/browse/PSBM-141526
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
fs/nfs/dir.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c
index bd1a419d34c7..033e65319327 100644
--- a/fs/nfs/dir.c
+++ b/fs/nfs/dir.c
@@ -527,7 +527,7 @@ void nfs_prime_dcache(struct dentry *parent, struct nfs_entry *entry)
}
}
if (!entry->fh->size)
- goto out;
+ return;
dentry = d_alloc(parent, &filename);
if (dentry == NULL)
--
2.37.1
More information about the Devel
mailing list