Unverified Commit 01c77244 authored by openeuler-ci-bot's avatar openeuler-ci-bot Committed by Gitee
Browse files

!12554 NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() 

Merge Pull Request from: @ci-robot 
 
PR sync from: Long Li <leo.lilong@huawei.com>
https://mailweb.openeuler.org/hyperkitty/list/kernel@openeuler.org/message/OG7FX7LBTTWVNHN2CDDNH2ZCH64KTU3T/ 
 
https://gitee.com/src-openeuler/kernel/issues/IAYREY 
 
Link:https://gitee.com/openeuler/kernel/pulls/12554

 

Reviewed-by: default avatarZhang Peng <zhangpeng362@huawei.com>
Signed-off-by: default avatarZhang Peng <zhangpeng362@huawei.com>
parents 283e4b4d 1df2dee1

fs/nfs/client.c

+1 −0
Original line number Diff line number Diff line
@@ -987,6 +987,7 @@ struct nfs_server *nfs_alloc_server(void) 
	INIT_LIST_HEAD(&server->layouts);

	INIT_LIST_HEAD(&server->state_owners_lru);

	INIT_LIST_HEAD(&server->ss_copies);

	INIT_LIST_HEAD(&server->ss_src_copies);



	atomic_set(&server->active, 0);

fs/nfs/nfs42proc.c

+1 −1
Original line number Diff line number Diff line
@@ -218,7 +218,7 @@ static int handle_async_copy(struct nfs42_copy_res *res, 


	if (dst_server != src_server) {

		spin_lock(&src_server->nfs_client->cl_lock);

		list_add_tail(&copy->src_copies, &src_server->ss_copies);

		list_add_tail(&copy->src_copies, &src_server->ss_src_copies);

		spin_unlock(&src_server->nfs_client->cl_lock);

	}

fs/nfs/nfs4state.c

+1 −1
Original line number Diff line number Diff line
@@ -1597,7 +1597,7 @@ static void nfs42_complete_copies(struct nfs4_state_owner *sp, struct nfs4_state 
			complete(&copy->completion);

		}

	}

	list_for_each_entry(copy, &sp->so_server->ss_copies, src_copies) {

	list_for_each_entry(copy, &sp->so_server->ss_src_copies, src_copies) {

		if ((test_bit(NFS_CLNT_SRC_SSC_COPY_STATE, &state->flags) &&

				!nfs4_stateid_match_other(&state->stateid,

				&copy->parent_src_state->stateid)))

include/linux/nfs_fs_sb.h

+1 −0
Original line number Diff line number Diff line
@@ -238,6 +238,7 @@ struct nfs_server { 
	struct list_head	layouts;

	struct list_head	delegations;

	struct list_head	ss_copies;

	struct list_head	ss_src_copies;



	unsigned long		mig_gen;

	unsigned long		mig_status;