Date:      Mon, 25 May 2026 19:24:11 +0000
From:      Rick Macklem <rmacklem@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: 4d80d4913e79 - main - nfs: Fix argument typo to avoid a crash
Message-ID:  <6a14a1db.4593c.687b0e74@gitrepo.freebsd.org>


The branch main has been updated by rmacklem:

URL: https://cgit.FreeBSD.org/src/commit/?id=4d80d4913e79c8b5918b1f04c1c7b38e6c76b9b4

commit 4d80d4913e79c8b5918b1f04c1c7b38e6c76b9b4
Author:     Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2026-05-25 19:22:32 +0000
Commit:     Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2026-05-25 19:22:32 +0000

    nfs: Fix argument typo to avoid a crash
    
    A typo resulted in the wrong argument for a bytewise
    comparison that could result in a crash if
    the incorrect argument was not a valid pointer.
    
    This patch fixes the argument.
    
    While investigating this, I noticed that the
    correct argument was not being filled in as
    required, so this patch fixes that, as well.
    
    Somehow, recovery from a NFSv4.1/4.2 server
    crash worked during testing, so this was not
    detected.  The bug/patch only affects NFS
    client mounts using NFSv4.1/4.2.
    
    PR:     294925
    Reported by:    Jov <amutu@amutu.com>
    MFC after:      3 days
---
 sys/fs/nfs/nfs_commonkrpc.c | 5 +++--
 sys/fs/nfs/nfs_commonsubs.c | 3 +++
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/sys/fs/nfs/nfs_commonkrpc.c b/sys/fs/nfs/nfs_commonkrpc.c
index 9ea4e5f4c9df..2d4c41994c0e 100644
--- a/sys/fs/nfs/nfs_commonkrpc.c
+++ b/sys/fs/nfs/nfs_commonkrpc.c
@@ -1265,8 +1265,9 @@ tryagain:
 					goto out;
 				}
 				sep = NFSMNT_MDSSESSION(nmp);
-				if (bcmp(sep->nfsess_sessionid, nd->nd_sequence,
-				    NFSX_V4SESSIONID) == 0) {
+				if (bcmp(sep->nfsess_sessionid,
+				    nd->nd_sessionid, NFSX_V4SESSIONID) == 0 &&
+				    sep->nfsess_defunct == 0) {
 					printf("Initiate recovery. If server "
 					    "has not rebooted, "
 					    "check NFS clients for unique "
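Review bot: the added `sep->nfsess_defunct == 0` test in the bcmp condition is not mentioned in the commit message, which covers only the argument fix and the filling in of nd_sessionid. A one-line comment above the if, or a sentence in the log, saying why recovery is not initiated for a session already marked defunct would help anyone reviewing the MFC. The visible context also does not show a lock being held where nfsess_defunct and nfsess_sessionid are read, so it is worth confirming that this read is covered by whatever protects those fields.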
diff --git a/sys/fs/nfs/nfs_commonsubs.c b/sys/fs/nfs/nfs_commonsubs.c
index b5f83a98b307..a11b55b11c43 100644
--- a/sys/fs/nfs/nfs_commonsubs.c
+++ b/sys/fs/nfs/nfs_commonsubs.c
@@ -368,6 +368,7 @@ nfscl_reqstart(struct nfsrv_descript *nd, int procnum, struct nfsmount *nmp,
 	 * First, fill in some of the fields of nd.
 	 */
 	nd->nd_slotseq = NULL;
+	NFSBZERO(nd->nd_sessionid, NFSX_V4SESSIONID);
 	if (vers == NFS_VER4) {
 		nd->nd_flag = ND_NFSV4 | ND_NFSCL;
 		if (minorvers == NFSV41_MINORVERSION)
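Review bot: the NFSBZERO of nd->nd_sessionid is placed above the `if (vers == NFS_VER4)` test, so every request starts with an all-zero session id regardless of version, and the bcmp in nfs_commonkrpc.c now reads this field. A short comment here stating that all zeros means no session id has been set for this request would make that intent clear to readers of the comparison, and would prompt a check that a mount's nfsess_sessionid can never be all zeros at the point the comparison runs.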
@@ -5348,6 +5349,7 @@ nfsv4_setsequence(struct nfsmount *nmp, struct nfsrv_descript *nd,
 	NFSM_BUILD(tl, uint32_t *, NFSX_V4SESSIONID + 4 * NFSX_UNSIGNED);
 	nd->nd_sequence = tl;
 	bcopy(sessionid, tl, NFSX_V4SESSIONID);
+	bcopy(sessionid, nd->nd_sessionid, NFSX_V4SESSIONID);
 	tl += NFSX_V4SESSIONID / NFSX_UNSIGNED;
 	nd->nd_slotseq = tl;
 	if (error == 0) {
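Review bot: after the added bcopy in nfsv4_setsequence the session id is held in two places, the request data that nd_sequence points at and the new nd_sessionid copy, and nothing on these lines says which one later code should read. Since the bug being fixed was a bcmp that used nd_sequence in place of nd_sessionid, a comment on this line or at the field's declaration stating that nd_sessionid is the copy to compare against would help keep the same mix-up from recurring.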
@@ -5593,6 +5595,7 @@ nfsrpc_destroysession(struct nfsmount *nmp, struct nfsclsession *tsep,
 	    0, NULL);
 	NFSM_BUILD(tl, uint32_t *, NFSX_V4SESSIONID);
 	bcopy(tsep->nfsess_sessionid, tl, NFSX_V4SESSIONID);
+	bcopy(tsep->nfsess_sessionid, nd->nd_sessionid, NFSX_V4SESSIONID);
 	nd->nd_flag |= ND_USEGSSNAME;
 	error = newnfs_request(nd, nmp, NULL, &nmp->nm_sockreq, NULL, p, cred,
 	    NFS_PROG, NFS_VER4, NULL, 1, NULL, NULL);
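Review bot: nfsrpc_destroysession needs its own bcopy into nd->nd_sessionid because it writes the session id argument directly with NFSM_BUILD and bcopy, and this is now the second place that has to remember to fill the field. Suggest checking for any other request builder that writes a session id by hand and would be left with the zeroed value from nfscl_reqstart, or moving the paired copies into one small helper so the field cannot be missed.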

