tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing

Theoretically it's an oopsable race, but I don't believe one can manage
to hit it on real hardware; might become doable on a KVM, but it still
won't be easy to attack.

Anyway, it's easy to deal with - since xdr_encode_hyper() is just a call of
put_unaligned_be64(), we can put that under ->d_lock and be done with that.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Anna Schumaker <anna.schumaker@oracle.com>

authored by

Al Viro and committed by
Anna Schumaker a890a2e3 902893e3

+2
+2
fs/nfs/nfs4proc.c
··· 391 391 *p++ = htonl(attrs); /* bitmap */ 392 392 *p++ = htonl(12); /* attribute buffer length */ 393 393 *p++ = htonl(NF4DIR); 394 + spin_lock(&dentry->d_lock); 394 395 p = xdr_encode_hyper(p, NFS_FILEID(d_inode(dentry->d_parent))); 396 + spin_unlock(&dentry->d_lock); 395 397 396 398 readdir->pgbase = (char *)p - (char *)start; 397 399 readdir->count -= readdir->pgbase;