git: db7257ef972e - main - nfsd: Fix a server crash

Tue, 17 Oct 2023 19:44:12 -0700 

The branch main has been updated by rmacklem:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=db7257ef972ed75e33929d39fd791d3699b53c63

commit db7257ef972ed75e33929d39fd791d3699b53c63
Author:     Rick Macklem <rmack...@freebsd.org>
AuthorDate: 2023-10-18 02:40:23 +0000
Commit:     Rick Macklem <rmack...@freebsd.org>
CommitDate: 2023-10-18 02:43:25 +0000

    nfsd: Fix a server crash
    
    PR#274346 reports a crash which appears to be caused by a NULL default 
session
    being destroyed.  This patch should avoid the crash.
    
    Tested by:      Joshua Kinard <free...@kumba.dev>
    PR:     274346
    MFC after:      2 weeks
---
 sys/fs/nfs/nfs_commonkrpc.c | 9 +++++++++
 sys/fs/nfs/nfs_commonsubs.c | 6 ++++--
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/sys/fs/nfs/nfs_commonkrpc.c b/sys/fs/nfs/nfs_commonkrpc.c
index 936373c79366..29c7cdbd671c 100644
--- a/sys/fs/nfs/nfs_commonkrpc.c
+++ b/sys/fs/nfs/nfs_commonkrpc.c
@@ -1208,6 +1208,14 @@ tryagain:
                                NFSCL_DEBUG(1, "Got badsession\n");
                                NFSLOCKCLSTATE();
                                NFSLOCKMNT(nmp);
+                               if (TAILQ_EMPTY(&nmp->nm_sess)) {
+                                       NFSUNLOCKMNT(nmp);
+                                       NFSUNLOCKCLSTATE();
+                                       printf("If server has not rebooted, "
+                                           "check NFS clients for unique "
+                                           "/etc/hostid's\n");
+                                       goto out;
+                               }
                                sep = NFSMNT_MDSSESSION(nmp);
                                if (bcmp(sep->nfsess_sessionid, nd->nd_sequence,
                                    NFSX_V4SESSIONID) == 0) {
@@ -1388,6 +1396,7 @@ tryagain:
                                nd->nd_repstat = NFSERR_STALEDONTRECOVER;
                }
        }
+out:
 
 #ifdef KDTRACE_HOOKS
        if (nmp != NULL && dtrace_nfscl_nfs234_done_probe != NULL) {
diff --git a/sys/fs/nfs/nfs_commonsubs.c b/sys/fs/nfs/nfs_commonsubs.c
index ffe1ec542492..f2305795e53e 100644
--- a/sys/fs/nfs/nfs_commonsubs.c
+++ b/sys/fs/nfs/nfs_commonsubs.c
@@ -5141,11 +5141,13 @@ nfsrpc_destroysession(struct nfsmount *nmp, struct 
nfsclsession *tsep,
        struct nfsrv_descript *nd = &nfsd;
        int error;
 
+       if (tsep == NULL)
+               tsep = nfsmnt_mdssession(nmp);
+       if (tsep == NULL)
+               return (0);
        nfscl_reqstart(nd, NFSPROC_DESTROYSESSION, nmp, NULL, 0, NULL, NULL, 0,
            0, NULL);
        NFSM_BUILD(tl, uint32_t *, NFSX_V4SESSIONID);
-       if (tsep == NULL)
-               tsep = nfsmnt_mdssession(nmp);
        bcopy(tsep->nfsess_sessionid, tl, NFSX_V4SESSIONID);
        nd->nd_flag |= ND_USEGSSNAME;
        error = newnfs_request(nd, nmp, NULL, &nmp->nm_sockreq, NULL, p, cred,

Reply via email to