openkylin
/
platform_kernel-5.15
mirror of https://gitee.com/openkylin/platform_kernel-5.15.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

nfsd: fix startup/shutdown order bug 

We must create the server before we can call init_socks or check the
number of threads.

Symptoms were a NULL pointer dereference in nfsd_svc().  Problem
identified by Jeff Layton.

Also fix a minor cleanup-on-error case in nfsd_startup().

Reported-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
This commit is contained in:
J. Bruce Fields 2010-08-02 14:12:44 -04:00
parent 039a87ca53
commit 774f8bbd9e
1 changed files with 16 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
fs/nfsd/nfssvc.c
View File

@ -204,6 +204,9 @@ static bool nfsd_up = false;
static int nfsd_startup(unsigned short port, int nrservs) static int nfsd_startup(unsigned short port, int nrservs)
{ {
int ret; int ret;
if (nfsd_up)
return 0;
/* /*
* Readahead param cache - will no-op if it already exists. * Readahead param cache - will no-op if it already exists.
* (Note therefore results will be suboptimal if number of * (Note therefore results will be suboptimal if number of
@ -217,7 +220,7 @@ static int nfsd_startup(unsigned short port, int nrservs)
goto out_racache; goto out_racache;
ret = lockd_up(); ret = lockd_up();
if (ret) if (ret)
return ret; goto out_racache;
ret = nfs4_state_start(); ret = nfs4_state_start();
if (ret) if (ret)
goto out_lockd; goto out_lockd;
@ -420,7 +423,7 @@ int
nfsd_svc(unsigned short port, int nrservs) nfsd_svc(unsigned short port, int nrservs)
{ {
int error; int error;
bool first_thread; bool nfsd_up_before;
mutex_lock(&nfsd_mutex); mutex_lock(&nfsd_mutex);
dprintk("nfsd: creating service\n"); dprintk("nfsd: creating service\n");
@ -432,29 +435,28 @@ nfsd_svc(unsigned short port, int nrservs)
if (nrservs == 0 && nfsd_serv == NULL) if (nrservs == 0 && nfsd_serv == NULL)
goto out; goto out;
first_thread = (nfsd_serv->sv_nrthreads == 0) && (nrservs != 0);
if (first_thread) {
error = nfsd_startup(port, nrservs);
if (error)
goto out;
}
error = nfsd_create_serv(); error = nfsd_create_serv();
if (error) if (error)
goto out_shutdown; goto out;
error = svc_set_num_threads(nfsd_serv, NULL, nrservs);
nfsd_up_before = nfsd_up;
error = nfsd_startup(port, nrservs);
if (error) if (error)
goto out_destroy; goto out_destroy;
error = svc_set_num_threads(nfsd_serv, NULL, nrservs);
if (error)
goto out_shutdown;
/* We are holding a reference to nfsd_serv which /* We are holding a reference to nfsd_serv which
* we don't want to count in the return value, * we don't want to count in the return value,
* so subtract 1 * so subtract 1
*/ */
error = nfsd_serv->sv_nrthreads - 1; error = nfsd_serv->sv_nrthreads - 1;
out_shutdown:
if (error < 0 && !nfsd_up_before)
nfsd_shutdown();
out_destroy: out_destroy:
svc_destroy(nfsd_serv); /* Release server */ svc_destroy(nfsd_serv); /* Release server */
out_shutdown:
if (error < 0 && first_thread)
nfsd_shutdown();
out: out:
mutex_unlock(&nfsd_mutex); mutex_unlock(&nfsd_mutex);
return error; return error;