nfs4: take a reference on the nfs_client when running FREE_STATEID - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Scott Mayhew <[email protected]>	2021-11-03 06:24:40 -0400
committer	Trond Myklebust <[email protected]>	2021-11-03 08:47:51 -0400
commit	576acc259146af848cec0940f573f7125a116b9f (patch)
tree	fbc8c76b6b3c63888bc8457725da1506da41af11 /lib/mpi/mpi-add.c
parent	edfa0b16bf9eb1e2c93e7e846e0e02c51395ca7b (diff)

nfs4: take a reference on the nfs_client when running FREE_STATEID

During umount, the session slot tables are freed. If there are outstanding FREE_STATEID tasks, a use-after-free and slab corruption can occur when rpc_exit_task calls rpc_call_done -> nfs41_sequence_done -> nfs4_sequence_process/nfs41_sequence_free_slot. Prevent that from happening by taking a reference on the nfs_client in nfs41_free_stateid and putting it in nfs41_free_stateid_release. Signed-off-by: Scott Mayhew <[email protected]> Signed-off-by: Trond Myklebust <[email protected]>

Diffstat (limited to 'lib/mpi/mpi-add.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: