diff options
| author | Trond Myklebust <[email protected]> | 2016-11-14 16:19:55 +0000 |
|---|---|---|
| committer | Anna Schumaker <[email protected]> | 2016-11-18 18:35:58 +0000 |
| commit | 3e7dfb1659c2888fc0152ec2b02a5e932397bb0a (patch) | |
| tree | 301cbdf7e52009221b137a1d028a1b916d38e167 /lib/genalloc.c | |
| parent | NFSv4.1: Fix a regression in DELEGRETURN (diff) | |
| download | kernel-3e7dfb1659c2888fc0152ec2b02a5e932397bb0a.tar.gz kernel-3e7dfb1659c2888fc0152ec2b02a5e932397bb0a.zip | |
NFSv4: Fix CLOSE races with OPEN
If the reply to a successful CLOSE call races with an OPEN to the same
file, we can end up scribbling over the stateid that represents the
new open state.
The race looks like:
Client Server
====== ======
CLOSE stateid A on file "foo"
CLOSE stateid A, return stateid C
OPEN file "foo"
OPEN "foo", return stateid B
Receive reply to OPEN
Reset open state for "foo"
Associate stateid B to "foo"
Receive CLOSE for A
Reset open state for "foo"
Replace stateid B with C
The fix is to examine the argument of the CLOSE, and check for a match
with the current stateid "other" field. If the two do not match, then
the above race occurred, and we should just ignore the CLOSE.
Reported-by: Benjamin Coddington <[email protected]>
Signed-off-by: Trond Myklebust <[email protected]>
Signed-off-by: Anna Schumaker <[email protected]>
Diffstat (limited to 'lib/genalloc.c')
0 files changed, 0 insertions, 0 deletions