From: Trond Myklebust Date: Mon, 28 Oct 2013 18:57:12 +0000 (-0400) Subject: NFSv4: Fix state reference counting in _nfs4_opendata_reclaim_to_nfs4_state X-Git-Tag: firefly_0821_release~6453^2~262 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=1311157d8407d16b8543c2286f0e95251ca04fe8;p=firefly-linux-kernel-4.4.55.git NFSv4: Fix state reference counting in _nfs4_opendata_reclaim_to_nfs4_state commit d49f042aeec99c5f87160bb52dd52088b1051311 upstream. Currently, if the call to nfs_refresh_inode fails, then we end up leaking a reference count, due to the call to nfs4_get_open_state. While we're at it, replace nfs4_get_open_state with a simple call to atomic_inc(); there is no need to do a full lookup of the struct nfs_state since it is passed as an argument in the struct nfs4_opendata, and is already assigned to the variable 'state'. Signed-off-by: Trond Myklebust Signed-off-by: Greg Kroah-Hartman --- diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c index d097233cd33b..e78b8c2656ee 100644 --- a/fs/nfs/nfs4proc.c +++ b/fs/nfs/nfs4proc.c @@ -1168,11 +1168,6 @@ _nfs4_opendata_reclaim_to_nfs4_state(struct nfs4_opendata *data) goto update; } - ret = -ENOMEM; - state = nfs4_get_open_state(inode, data->owner); - if (state == NULL) - goto err; - ret = nfs_refresh_inode(inode, &data->f_attr); if (ret) goto err; @@ -1182,6 +1177,7 @@ _nfs4_opendata_reclaim_to_nfs4_state(struct nfs4_opendata *data) update: update_open_stateid(state, &data->o_res.stateid, NULL, data->o_arg.fmode); + atomic_inc(&state->count); return state; err: