diff options
author | J. Bruce Fields <bfields@citi.umich.edu> | 2008-03-14 19:37:11 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-03-14 16:49:15 -0700 |
commit | b663c6fd98c9cf586279db03cec3257c413efd00 (patch) | |
tree | f268ae9e706044f48d2f95fcb4841ce89c70cf4b /kernel/panic.c | |
parent | 9b89ca7a3847c0d5b1e86e83f4860a866f28a89b (diff) |
nfsd: fix oops on access from high-numbered ports
This bug was always here, but before my commit 6fa02839bf9412e18e77
("recheck for secure ports in fh_verify"), it could only be triggered by
failure of a kmalloc(). After that commit it could be triggered by a
client making a request from a non-reserved port for access to an export
marked "secure". (Exports are "secure" by default.)
The result is a struct svc_export with a reference count one too low,
resulting in likely oopses next time the export is accessed.
The reference counting here is not straightforward; a later patch will
clean up fh_verify().
Thanks to Lukas Hejtmanek for the bug report and followup.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Cc: Lukas Hejtmanek <xhejtman@ics.muni.cz>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'kernel/panic.c')
0 files changed, 0 insertions, 0 deletions