NFSD: Prevent NULL dereference in nfsd4_process_cb_update()

@ses is initialized to NULL. If __nfsd4_find_backchannel() finds no
available backchannel session, setup_callback_client() will try to
dereference @ses and segfault.

Fixes: dcbeaa68dbbd ("nfsd4: allow backchannel recovery")
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>

diff --git a/fs/nfsd/nfs4callback.c b/fs/nfsd/nfs4callback.c
index f5ba9be917700b6d16aba41e70de1ddd86f09a95..1ffac2b32d81a3cd94c0801ac83015dc9b9c0950 100644 (file)
--- a/fs/nfsd/nfs4callback.c
+++ b/fs/nfsd/nfs4callback.c
@@ -1464,6 +1464,8 @@ static void nfsd4_process_cb_update(struct nfsd4_callback *cb)
                ses = c->cn_session;
        }
        spin_unlock(&clp->cl_lock);
+       if (!c)
+               return;
 
        err = setup_callback_client(clp, &conn, ses);
        if (err) {