[PATCH 15/19] nfsd: reject reclaim LOCK after RECLAIM_COMPLETE

Next message: Catalin Marinas: "Re: [PATCH v3] cpu/hotplug: Fix NULL kobject warning in cpuhp_smt_enable()"
Previous message: Jeff Layton: "[PATCH 14/19] nfsd: use test_and_clear_bit for somebody_reclaimed to prevent lost update"
In reply to: Jeff Layton: "[PATCH 14/19] nfsd: use test_and_clear_bit for somebody_reclaimed to prevent lost update"
Next in thread: Jeff Layton: "[PATCH 05/19] sunrpc: defer rq_argp and rq_resp free until after RCU grace period"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jeff Layton

Date: Tue Jun 09 2026 - 13:58:38 EST

nfsd4_lock() only checks the namespace-wide grace flag when deciding
whether to accept a reclaim LOCK. It does not check the per-client
NFSD4_CLIENT_RECLAIM_COMPLETE bit. A NFSv4.1+ client that has
already sent RECLAIM_COMPLETE can submit lk_reclaim=1 while grace is
still active (e.g. lockd holds the grace list open), and the server
accepts it instead of returning NFS4ERR_NO_GRACE as required by
RFC 8881 section 8.4.2.1.

The OPEN path already has the correct two-tier guard via
nfs4_check_open_reclaim(). Add the equivalent check to the LOCK path.

Fixes: 3b3e7b72239a ("nfsd: reject reclaim request when client has already sent RECLAIM_COMPLETE")
Assisted-by: Claude:claude-opus-4-8
Signed-off-by: Jeff Layton <jlayton@xxxxxxxxxx>
---
fs/nfsd/nfs4state.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
index fddef6f8db7c..7d96bffd2fd5 100644
--- a/fs/nfsd/nfs4state.c
+++ b/fs/nfsd/nfs4state.c
@@ -8552,6 +8552,9 @@ nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
status = nfserr_no_grace;
if (!locks_in_grace(net) && lock->lk_reclaim)
goto out;
+ if (lock->lk_reclaim &&
+ test_bit(NFSD4_CLIENT_RECLAIM_COMPLETE, &cstate->clp->cl_flags))
+ goto out;

if (lock->lk_reclaim)
flags |= FL_RECLAIM;

--
2.54.0