• Eryu Guan's avatar
    nfsd4: define nfsd4_secinfo_no_name_release() · ec572b9e
    Eryu Guan authored
    Commit 34b1744c ("nfsd4: define ->op_release for compound ops")
    defined a couple ->op_release functions and run them if necessary.
    
    But there's a problem with that is that it reused
    nfsd4_secinfo_release() as the op_release of OP_SECINFO_NO_NAME, and
    caused a leak on struct nfsd4_secinfo_no_name in
    nfsd4_encode_secinfo_no_name(), because there's no .si_exp field in
    struct nfsd4_secinfo_no_name.
    
    I found this because I was unable to umount an ext4 partition after
    exporting it via NFS & run fsstress on the nfs mount. A simplified
    reproducer would be:
    
     # mount a local-fs device at /mnt/test, and export it via NFS with
     # fsid=0 export option (this is required)
     mount /dev/sda5 /mnt/test
     echo "/mnt/test *(rw,no_root_squash,fsid=0)" >> /etc/exports
     service nfs restart
    
     # locally mount the nfs export with all default, note that I have
     # nfsv4.1 configured as the default nfs version, because of the
     # fsid export option, v4 mount would fail and fall back to v3
     mount localhost:/mnt/test /mnt/nfs
    
     # try to umount the underlying device, but got EBUSY
     umount /mnt/nfs
     service nfs stop
     umount /mnt/test <=== EBUSY here
    
    Fixed it by defining a separate nfsd4_secinfo_no_name_release()
    function as the op_release method of OP_SECINFO_NO_NAME that
    releases the correct nfsd4_secinfo_no_name structure.
    
    Fixes: 34b1744c ("nfsd4: define ->op_release for compound ops")
    Signed-off-by: default avatarEryu Guan <eguan@redhat.com>
    Signed-off-by: default avatarJ. Bruce Fields <bfields@redhat.com>
    ec572b9e
nfs4proc.c 69.9 KB