This is a note to let you know that I've just added the patch titled
pNFS: Prevent the layout header refcount going to zero in pnfs_roc()
to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git%3Ba=su...
The filename of the patch is: pnfs-prevent-the-layout-header-refcount-going-to-zero-in-pnfs_roc.patch and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree, please let stable@vger.kernel.org know about it.
From 9c6376ebddad585da4238532dd6d90ae23ffee67 Mon Sep 17 00:00:00 2001
From: Trond Myklebust trond.myklebust@primarydata.com Date: Wed, 7 Mar 2018 14:49:06 -0500 Subject: pNFS: Prevent the layout header refcount going to zero in pnfs_roc()
From: Trond Myklebust trond.myklebust@primarydata.com
commit 9c6376ebddad585da4238532dd6d90ae23ffee67 upstream.
Ensure that we hold a reference to the layout header when processing the pNFS return-on-close so that the refcount value does not inadvertently go to zero.
Reported-by: Tigran Mkrtchyan tigran.mkrtchyan@desy.de Signed-off-by: Trond Myklebust trond.myklebust@primarydata.com Cc: stable@vger.kernel.org # v4.10+ Tested-by: Tigran Mkrtchyan tigran.mkrtchyan@desy.de Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
--- fs/nfs/pnfs.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-)
--- a/fs/nfs/pnfs.c +++ b/fs/nfs/pnfs.c @@ -292,8 +292,11 @@ pnfs_detach_layout_hdr(struct pnfs_layou void pnfs_put_layout_hdr(struct pnfs_layout_hdr *lo) { - struct inode *inode = lo->plh_inode; + struct inode *inode;
+ if (!lo) + return; + inode = lo->plh_inode; pnfs_layoutreturn_before_put_layout_hdr(lo);
if (atomic_dec_and_lock(&lo->plh_refcount, &inode->i_lock)) { @@ -1223,10 +1226,12 @@ retry: spin_lock(&ino->i_lock); lo = nfsi->layout; if (!lo || !pnfs_layout_is_valid(lo) || - test_bit(NFS_LAYOUT_BULK_RECALL, &lo->plh_flags)) + test_bit(NFS_LAYOUT_BULK_RECALL, &lo->plh_flags)) { + lo = NULL; goto out_noroc; + } + pnfs_get_layout_hdr(lo); if (test_bit(NFS_LAYOUT_RETURN_LOCK, &lo->plh_flags)) { - pnfs_get_layout_hdr(lo); spin_unlock(&ino->i_lock); wait_on_bit(&lo->plh_flags, NFS_LAYOUT_RETURN, TASK_UNINTERRUPTIBLE); @@ -1294,10 +1299,12 @@ out_noroc: struct pnfs_layoutdriver_type *ld = NFS_SERVER(ino)->pnfs_curr_ld; if (ld->prepare_layoutreturn) ld->prepare_layoutreturn(args); + pnfs_put_layout_hdr(lo); return true; } if (layoutreturn) pnfs_send_layoutreturn(lo, &stateid, iomode, true); + pnfs_put_layout_hdr(lo); return false; }
Patches currently in stable-queue which might be from trond.myklebust@primarydata.com are
queue-4.14/nfs-fix-unstable-write-completion.patch queue-4.14/nfs-fix-an-incorrect-type-in-struct-nfs_direct_req.patch queue-4.14/pnfs-prevent-the-layout-header-refcount-going-to-zero-in-pnfs_roc.patch
linux-stable-mirror@lists.linaro.org