NFSD: Prevent NULL dereference in nfsd4_process_cb_update()

[ Upstream commit 1e02c64 ] @SES is initialized to NULL. If __nfsd4_find_backchannel() finds no available backchannel session, setup_callback_client() will try to dereference @SES and segfault. Fixes: dcbeaa6 ("nfsd4: allow backchannel recovery") Reviewed-by: Jeff Layton <jlayton@kernel.org> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Sasha Levin <sashal@kernel.org>
mj22226 · Dec 6, 2024 · 0492e98 · 0492e98
1 parent f2e62a6
commit 0492e98
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/fs/nfsd/nfs4callback.c b/fs/nfsd/nfs4callback.c
@@ -1379,6 +1379,8 @@ static void nfsd4_process_cb_update(struct nfsd4_callback *cb)
 		ses = c->cn_session;
 	}
 	spin_unlock(&clp->cl_lock);
+	if (!c)
+		return;
 
 	err = setup_callback_client(clp, &conn, ses);
 	if (err) {