diff options
| author | Chuck Lever <chuck.lever@oracle.com> | 2016-07-13 16:40:14 -0400 |
|---|---|---|
| committer | J. Bruce Fields <bfields@redhat.com> | 2016-07-15 15:31:31 -0400 |
| commit | 885848186fbc2d1d8fb6d2fdc2156638ae289a46 (patch) | |
| tree | e027bde79fc5704a6e462466d344336bd83b704b /fs/nfsd/nfs3xdr.c | |
| parent | dd51db188600c8c54c46cff84e83358ece8ccb4d (diff) | |
| download | linux-stable-885848186fbc2d1d8fb6d2fdc2156638ae289a46.tar.gz linux-stable-885848186fbc2d1d8fb6d2fdc2156638ae289a46.tar.bz2 linux-stable-885848186fbc2d1d8fb6d2fdc2156638ae289a46.zip | |
nfsd: Close race between nfsd4_release_lockowner and nfsd4_lock
nfsd4_release_lockowner finds a lock owner that has no lock state,
and drops cl_lock. Then release_lockowner picks up cl_lock and
unhashes the lock owner.
During the window where cl_lock is dropped, I don't see anything
preventing a concurrent nfsd4_lock from finding that same lock owner
and adding lock state to it.
Move release_lockowner() into nfsd4_release_lockowner and hang onto
the cl_lock until after the lock owner's state cannot be found
again.
Found by inspection, we don't currently have a reproducer.
Fixes: 2c41beb0e5cf ("nfsd: reduce cl_lock thrashing in ... ")
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Diffstat (limited to 'fs/nfsd/nfs3xdr.c')
0 files changed, 0 insertions, 0 deletions