Re: [PATCH 5/6] nfsd: release OPEN-decoded posix ACLs via op_release

Next message: Mikhail Lobanov: "[PATCH] xfs: skip dquot attach when m_quotainfo is not set up"
Previous message: Chuck Lever: "Re: [PATCH 0/6] nfsd: medium-severity bugfixes"
In reply to: Jeff Layton: "[PATCH 5/6] nfsd: release OPEN-decoded posix ACLs via op_release"
Next in thread: Jeff Layton: "Re: [PATCH 5/6] nfsd: release OPEN-decoded posix ACLs via op_release"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Chuck Lever

Date: Sun May 31 2026 - 11:56:56 EST

On Sun, May 31, 2026, at 8:07 AM, Jeff Layton wrote:
> From: Chris Mason <clm@xxxxxxxx>

> Remove the matching posix_acl_release() pair from nfsd4_open()'s
> out_err: label: the compound dispatcher calls op_release
> unconditionally after every op, [...]

The double-free fix is right, but op_release is not called
unconditionally after every op, and that gap leaks the ACLs on the
v4.0 replay path.

op_release runs only at the release: label inside
nfsd4_encode_operation(). The compound loop skips that encoder on
a replay:

if (op->status == nfserr_replay_me) {
nfsd4_encode_replay(resp->xdr, op); /* no op_release */
...
} else {
nfsd4_encode_operation(resp, op); /* op_release here */
}

So every ACL-bearing v4.0 OPEN retransmit leaks two posix_acl refs.

Please release op->u on the replay branch too:

if (op->status == nfserr_replay_me) {
op->replay = &cstate->replay_owner->so_replay;
nfsd4_encode_replay(resp->xdr, op);
status = op->status = op->replay->rp_status;
if (op->opdesc->op_release)
op->opdesc->op_release(&op->u);
}

Let's fix the "unconditionally after every op" wording too.

I've applied the other 5 in this series, so you can just resend
this one.

--
Chuck Lever