NFS: Fix a delegation callback race

The clean-up in commit 36281caa83 ended up removing a NULL pointer check
that is needed in order to prevent an Oops in
nfs_async_inode_return_delegation().

Reported-by: "Yan, Zheng" <zheng.z.yan@intel.com>
Link: http://lkml.kernel.org/r/5313E9F6.2020405@intel.com
Fixes: 36281caa83 (NFSv4: Further clean-ups of delegation stateid validation)
Cc: stable@vger.kernel.org # 3.4+
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Trond Myklebust 2014-03-02 22:03:12 -05:00
parent b7e63a1079
commit 755a48a7a4


@ -659,16 +659,19 @@ int nfs_async_inode_return_delegation(struct inode *inode,
rcu_read_lock(); rcu_read_lock();
delegation = rcu_dereference(NFS_I(inode)->delegation); delegation = rcu_dereference(NFS_I(inode)->delegation);
if (delegation == NULL)
goto out_enoent;
if (!clp->cl_mvops->match_stateid(&delegation->stateid, stateid)) { if (!clp->cl_mvops->match_stateid(&delegation->stateid, stateid))
rcu_read_unlock(); goto out_enoent;
return -ENOENT;
}
nfs_mark_return_delegation(server, delegation); nfs_mark_return_delegation(server, delegation);
rcu_read_unlock(); rcu_read_unlock();
nfs_delegation_run_state_manager(clp); nfs_delegation_run_state_manager(clp);
return 0; return 0;
out_enoent:
rcu_read_unlock();
return -ENOENT;
} }
static struct inode * static struct inode *
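Review bot: The restored `if (delegation == NULL)` check right after the `rcu_dereference()` has no comment, and the commit message says an earlier clean-up removed this same check, so it can easily look redundant again to the next person tidying this function. A one-line comment above it would record the reason, e.g. `/* No delegation (it may have been returned concurrently): match_stateid() below would be handed a pointer derived from NULL */`; the concurrency wording is inferred from the commit title, so adjust it to the actual race. The single `out_enoent` label that drops the RCU read lock for both failure paths keeps lock and unlock paired and needs no change. The function's opening lines lie outside the hunk, so the declarations of `clp` and `server` were not reviewed.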