diff options
| author | Jonathan Curley <jcurley@purestorage.com> | 2025-11-12 18:02:42 +0000 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2025-12-18 13:55:17 +0100 |
| commit | 59947dff0fb7c19c09ce6dccbcd253fd542b6c25 (patch) | |
| tree | adbb1c8ecedc63b090ef2827f593251566d7f226 | |
| parent | fa561b29b7a85543a9dc81f0634c73f902bcb3f0 (diff) | |
| download | linux-59947dff0fb7c19c09ce6dccbcd253fd542b6c25.tar.gz linux-59947dff0fb7c19c09ce6dccbcd253fd542b6c25.tar.bz2 linux-59947dff0fb7c19c09ce6dccbcd253fd542b6c25.zip | |
NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid
[ Upstream commit e0f8058f2cb56de0b7572f51cd563ca5debce746 ]
Fixes a crash when layout is null during this call stack:
write_inode
-> nfs4_write_inode
-> pnfs_layoutcommit_inode
pnfs_set_layoutcommit relies on the lseg refcount to keep the layout
around. Need to clear NFS_INO_LAYOUTCOMMIT otherwise we might attempt
to reference a null layout.
Fixes: fe1cf9469d7bc ("pNFS: Clear all layout segment state in pnfs_mark_layout_stateid_invalid")
Signed-off-by: Jonathan Curley <jcurley@purestorage.com>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
| -rw-r--r-- | fs/nfs/pnfs.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/fs/nfs/pnfs.c b/fs/nfs/pnfs.c index 89d49dd3978f..7a742bcff687 100644 --- a/fs/nfs/pnfs.c +++ b/fs/nfs/pnfs.c @@ -466,6 +466,7 @@ pnfs_mark_layout_stateid_invalid(struct pnfs_layout_hdr *lo, struct pnfs_layout_segment *lseg, *next; set_bit(NFS_LAYOUT_INVALID_STID, &lo->plh_flags); + clear_bit(NFS_INO_LAYOUTCOMMIT, &NFS_I(lo->plh_inode)->flags); list_for_each_entry_safe(lseg, next, &lo->plh_segs, pls_list) pnfs_clear_lseg_state(lseg, lseg_list); pnfs_clear_layoutreturn_info(lo); |