Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

knfsd: fix reply cache memory corruption

Fix a regression in the reply cache introduced when the code was
converted to use proper Linux lists. When a new entry needs to be
inserted, the case where all the entries are currently being used
by threads is not correctly detected. This can result in memory
corruption and a crash. In the current code this is an extremely
unlikely corner case; it would require the machine to have 1024
nfsd threads and all of them to be busy at the same time. However,
upcoming reply cache changes make this more likely; a crash due to
this problem was actually observed in field.

Signed-off-by: Greg Banks <gnb@sgi.com>
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>

Authored by Greg Banks and committed by J. Bruce Fields
cf0a586c fca4217c
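
The failure mode the commit message describes, as an added example that is not part of the commit or the kernel source: when a kernel-style list walk finds no usable entry, the cursor wraps around to the list head and is never NULL, so only a comparison against the head detects it. The list helpers, the cut-down `struct cache_rep` and `detects_all_busy()` are userspace stand-ins assumed for illustration; only `c_lru` and `lru_head` are names taken from the patch.

```c
#include <stddef.h>
#include <stdio.h>

/* Userspace stand-ins for the kernel's circular doubly linked list. */
struct list_head { struct list_head *next, *prev; };
#define container_of(p, type, member) ((type *)((char *)(p) - offsetof(type, member)))

struct cache_rep {              /* cut-down, hypothetical cache entry */
    int in_progress;            /* entry is held by a busy thread */
    struct list_head c_lru;
};

static struct list_head lru_head = { &lru_head, &lru_head };

/* Open-coded entry walk: stops at the first idle entry, or when the
 * cursor wraps around to the head. It never yields NULL. */
static struct cache_rep *scan_lru(void)
{
    struct cache_rep *rp;
    for (rp = container_of(lru_head.next, struct cache_rep, c_lru);
         &rp->c_lru != &lru_head;
         rp = container_of(rp->c_lru.next, struct cache_rep, c_lru))
        if (!rp->in_progress)
            break;
    return rp;
}

/* Put 4 entries on the LRU, the first nbusy of them in progress, scan,
 * and report whether the chosen check flags "all entries busy". */
static int detects_all_busy(int nbusy, int use_fixed_check)
{
    static struct cache_rep e[4];
    lru_head.next = lru_head.prev = &lru_head;     /* reset between runs */
    for (int i = 0; i < 4; i++) {
        struct list_head *n = &e[i].c_lru;         /* append at the tail */
        e[i].in_progress = i < nbusy;
        n->prev = lru_head.prev; n->next = &lru_head;
        lru_head.prev->next = n; lru_head.prev = n;
    }
    struct cache_rep *rp = scan_lru();
    /* Old test compares with NULL; fixed test compares with the head. */
    return use_fixed_check ? (&rp->c_lru == &lru_head) : (rp == NULL);
}

int main(void)
{
    printf("all busy: old check=%d, fixed check=%d\n",
           detects_all_busy(4, 0), detects_all_busy(4, 1));
    return 0;
}
```

With the old test, code after the walk would go on to treat memory just before `lru_head` as a cache entry, which is the corruption the commit message reports.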

+2 -2
fs/nfsd/nfscache.c
··· 174 174 } 175 175 } 176 176 177 - /* This should not happen */ 178 - if (rp == NULL) { 177 + /* All entries on the LRU are in-progress. This should not happen */ 178 + if (&rp->c_lru == &lru_head) { 179 179 static int complaints; 180 180 181 181 printk(KERN_WARNING "nfsd: all repcache entries locked!\n");
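Review bot: The new test on line 178, `if (&rp->c_lru == &lru_head)`, only makes sense if the reader knows how the list walk that ends just above this hunk leaves `rp` when nothing is found, and the updated comment does not say that. As written, someone could later "simplify" it back to `rp == NULL`, which is the regression being fixed. I would extend the comment to state that in this branch `rp` is not a valid entry (it is derived from the list head) and must not be dereferenced. Alternatively, have the walk record its result explicitly, for example with a found flag or by setting `rp` to NULL when it completes without a match, so the condition does not depend on the iterator's end state.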