Commit 692ad280 authored by Andrew Elble's avatar Andrew Elble Committed by J. Bruce Fields

nfsd: fix error handling in nfs4_set_delegation()

I noticed a memory corruption crash in nfsd in
4.17-rc1. This patch corrects the issue.

Fix to return error if the delegation couldn't be hashed or there was
a recall in progress. Use the existing error path instead of
destroy_delegation() for readability.
Signed-off-by: default avatarAndrew Elble <aweits@rit.edu>
Fixes: 353601e7 ("nfsd: create a separate lease for each delegation")
Signed-off-by: default avatarJ. Bruce Fields <bfields@redhat.com>
parent 3171822f
...@@ -4378,8 +4378,11 @@ nfs4_set_delegation(struct nfs4_client *clp, struct svc_fh *fh, ...@@ -4378,8 +4378,11 @@ nfs4_set_delegation(struct nfs4_client *clp, struct svc_fh *fh,
spin_unlock(&state_lock); spin_unlock(&state_lock);
if (status) if (status)
destroy_unhashed_deleg(dp); goto out_unlock;
return dp; return dp;
out_unlock:
vfs_setlease(fp->fi_deleg_file, F_UNLCK, NULL, (void **)&dp);
out_clnt_odstate: out_clnt_odstate:
put_clnt_odstate(dp->dl_clnt_odstate); put_clnt_odstate(dp->dl_clnt_odstate);
out_stid: out_stid:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment