potential problem in nfs_refresh_inode

Bill Hawes (whawes@star.net)
Tue, 12 Aug 1997 15:52:23 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Colin Plumb: "Re: patch for fs/dcache race"
Previous message: Philip Gladstone: "Re: bind sucks?"

In reviewing the 2.0.31 NFS code I've come across a potentially
troubling problem in nfs_refresh_inode. If the inode mode has changed
on the remote server, it's possible for the i_op array to change on the
fly, possibly becoming NULL. This could cause a crash if there are any
blocking calls between testing an i_op pointer and subsequent use (a
very frequent occurrence, as most i_op calls are blocking.)

For example, task 1 might check the i_op pointer, do a blocking
operation, then task 2 gets a reply from the NFS server and updates the
inode, so task 1 now uses the invalid or NULL i_op pointer.

One potential way to protect against this would be to test for changes
from one non-zero mode to another in nfs_refresh_inode, and install an
"invalid operation" i_op if the inode has more than one user.

Any suggestions for other ways to handle it?

Regards,
Bill

Next message: Colin Plumb: "Re: patch for fs/dcache race"
Previous message: Philip Gladstone: "Re: bind sucks?"