[pve-kernel.git] / patches / kernel / 0019-lockd-lost-rollback-of-set_grace_period-in-lockd_dow.patch

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Vasily Averin <vvs@virtuozzo.com>
Date: Thu, 2 Nov 2017 13:03:42 +0300
Subject: [PATCH] lockd: lost rollback of set_grace_period() in
 lockd_down_net()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Commit efda760fe95ea ("lockd: fix lockd shutdown race") is incorrect,
it removes lockd_manager and disarm grace_period_end for init_net only.

If nfsd was started from another net namespace lockd_up_net() calls
set_grace_period() that adds lockd_manager into per-netns list
and queues grace_period_end delayed work.

These action should be reverted in lockd_down_net().
Otherwise it can lead to double list_add on after restart nfsd in netns,
and to use-after-free if non-disarmed delayed work will be executed after netns destroy.

Fixes: efda760fe95e ("lockd: fix lockd shutdown race")
Cc: stable@vger.kernel.org
Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
(cherry picked from commit 3a2b19d1ee5633f76ae8a88da7bc039a5d1732aa)
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
 fs/lockd/svc.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fs/lockd/svc.c b/fs/lockd/svc.c
index 726b6cecf430..fa8f6effcf00 100644
--- a/fs/lockd/svc.c
+++ b/fs/lockd/svc.c
@@ -274,6 +274,8 @@ static void lockd_down_net(struct svc_serv *serv, struct net *net)
 	if (ln->nlmsvc_users) {
 		if (--ln->nlmsvc_users == 0) {
 			nlm_shutdown_hosts_net(net);
+			cancel_delayed_work_sync(&ln->grace_period_end);
+			locks_end_grace(&ln->lockd_manager);
 			svc_shutdown_net(serv, net);
 			dprintk("lockd_down_net: per-net data destroyed; net=%p\n", net);
 		}
-- 
2.14.2
Commit	Line	Data
863ccb96 FG	1	From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
	2	From: Vasily Averin <vvs@virtuozzo.com>
	3	Date: Thu, 2 Nov 2017 13:03:42 +0300
	4	Subject: [PATCH] lockd: lost rollback of set_grace_period() in
	5	lockd_down_net()
	6	MIME-Version: 1.0
	7	Content-Type: text/plain; charset=UTF-8
	8	Content-Transfer-Encoding: 8bit
	9
	10	Commit efda760fe95ea ("lockd: fix lockd shutdown race") is incorrect,
	11	it removes lockd_manager and disarm grace_period_end for init_net only.
	12
	13	If nfsd was started from another net namespace lockd_up_net() calls
	14	set_grace_period() that adds lockd_manager into per-netns list
	15	and queues grace_period_end delayed work.
	16
	17	These action should be reverted in lockd_down_net().
	18	Otherwise it can lead to double list_add on after restart nfsd in netns,
	19	and to use-after-free if non-disarmed delayed work will be executed after netns destroy.
	20
	21	Fixes: efda760fe95e ("lockd: fix lockd shutdown race")
	22	Cc: stable@vger.kernel.org
	23	Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
	24	Signed-off-by: J. Bruce Fields <bfields@redhat.com>
	25	(cherry picked from commit 3a2b19d1ee5633f76ae8a88da7bc039a5d1732aa)
	26	Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
	27	---
	28	fs/lockd/svc.c \| 2 ++
	29	1 file changed, 2 insertions(+)
	30
	31	diff --git a/fs/lockd/svc.c b/fs/lockd/svc.c
	32	index 726b6cecf430..fa8f6effcf00 100644
	33	--- a/fs/lockd/svc.c
	34	+++ b/fs/lockd/svc.c
	35	@@ -274,6 +274,8 @@ static void lockd_down_net(struct svc_serv serv, struct net net)
	36	if (ln->nlmsvc_users) {
	37	if (--ln->nlmsvc_users == 0) {
	38	nlm_shutdown_hosts_net(net);
	39	+ cancel_delayed_work_sync(&ln->grace_period_end);
	40	+ locks_end_grace(&ln->lockd_manager);
	41	svc_shutdown_net(serv, net);
	42	dprintk("lockd_down_net: per-net data destroyed; net=%p\n", net);
	43	}
	44	--
	45	2.14.2
	46