--- /dev/null
+From 4f40a5b5544618b096d1611a18219dd91fd57f80 Mon Sep 17 00:00:00 2001
+From: Scott Mayhew <smayhew@redhat.com>
+Date: Mon, 27 Jun 2022 17:31:29 -0400
+Subject: NFSv4: Add an fattr allocation to _nfs4_discover_trunking()
+
+From: Scott Mayhew <smayhew@redhat.com>
+
+commit 4f40a5b5544618b096d1611a18219dd91fd57f80 upstream.
+
+This was missed in c3ed222745d9 ("NFSv4: Fix free of uninitialized
+nfs4_label on referral lookup.") and causes a panic when mounting
+with '-o trunkdiscovery':
+
+PID: 1604 TASK: ffff93dac3520000 CPU: 3 COMMAND: "mount.nfs"
+ #0 [ffffb79140f738f8] machine_kexec at ffffffffaec64bee
+ #1 [ffffb79140f73950] __crash_kexec at ffffffffaeda67fd
+ #2 [ffffb79140f73a18] crash_kexec at ffffffffaeda76ed
+ #3 [ffffb79140f73a30] oops_end at ffffffffaec2658d
+ #4 [ffffb79140f73a50] general_protection at ffffffffaf60111e
+ [exception RIP: nfs_fattr_init+0x5]
+ RIP: ffffffffc0c18265 RSP: ffffb79140f73b08 RFLAGS: 00010246
+ RAX: 0000000000000000 RBX: ffff93dac304a800 RCX: 0000000000000000
+ RDX: ffffb79140f73bb0 RSI: ffff93dadc8cbb40 RDI: d03ee11cfaf6bd50
+ RBP: ffffb79140f73be8 R8: ffffffffc0691560 R9: 0000000000000006
+ R10: ffff93db3ffd3df8 R11: 0000000000000000 R12: ffff93dac4040000
+ R13: ffff93dac2848e00 R14: ffffb79140f73b60 R15: ffffb79140f73b30
+ ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018
+ #5 [ffffb79140f73b08] _nfs41_proc_get_locations at ffffffffc0c73d53 [nfsv4]
+ #6 [ffffb79140f73bf0] nfs4_proc_get_locations at ffffffffc0c83e90 [nfsv4]
+ #7 [ffffb79140f73c60] nfs4_discover_trunking at ffffffffc0c83fb7 [nfsv4]
+ #8 [ffffb79140f73cd8] nfs_probe_fsinfo at ffffffffc0c0f95f [nfs]
+ #9 [ffffb79140f73da0] nfs_probe_server at ffffffffc0c1026a [nfs]
+ RIP: 00007f6254fce26e RSP: 00007ffc69496ac8 RFLAGS: 00000246
+ RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6254fce26e
+ RDX: 00005600220a82a0 RSI: 00005600220a64d0 RDI: 00005600220a6520
+ RBP: 00007ffc69496c50 R8: 00005600220a8710 R9: 003035322e323231
+ R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc69496c50
+ R13: 00005600220a8440 R14: 0000000000000010 R15: 0000560020650ef9
+ ORIG_RAX: 00000000000000a5 CS: 0033 SS: 002b
+
+Fixes: c3ed222745d9 ("NFSv4: Fix free of uninitialized nfs4_label on referral lookup.")
+Signed-off-by: Scott Mayhew <smayhew@redhat.com>
+Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
+Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/nfs/nfs4proc.c | 19 ++++++++++++-------
+ 1 file changed, 12 insertions(+), 7 deletions(-)
+
+--- a/fs/nfs/nfs4proc.c
++++ b/fs/nfs/nfs4proc.c
+@@ -3981,18 +3981,23 @@ static int _nfs4_discover_trunking(struc
+ }
+
+ page = alloc_page(GFP_KERNEL);
++ if (!page)
++ return -ENOMEM;
+ locations = kmalloc(sizeof(struct nfs4_fs_locations), GFP_KERNEL);
+- if (page == NULL || locations == NULL)
+- goto out;
++ if (!locations)
++ goto out_free;
++ locations->fattr = nfs_alloc_fattr();
++ if (!locations->fattr)
++ goto out_free_2;
+
+ status = nfs4_proc_get_locations(server, fhandle, locations, page,
+ cred);
+- if (status)
+- goto out;
+-out:
+- if (page)
+- __free_page(page);
++
++ kfree(locations->fattr);
++out_free_2:
+ kfree(locations);
++out_free:
++ __free_page(page);
+ return status;
+ }
+
projects / thirdparty / kernel / stable-queue.git / commitdiff
