Status: Closed (danmcd closed this pull request 1 year ago)
This may have one more external reviewer. Like OS-8444, I'm seeking permission to integrate this early.
From the illumos-security summary:
So this is getting fixed by:
1.) clear_locks(8) now checks the return code of NFS4_CLR_STATE (see below for how it now returns something).
2.) rfs4_clear_client_state() is now directly called instead of assigned to a pointer in the nfs module. This does mean a modstub.
3.) Internally, rfs4_clear_client_state() checks for uninitialized/deactivated NFS server stack instances accurately, and returns ENXIO on uninitialized/deactivated.
It has been tested with:
1.) Uninitialized nfssrv (via modload in my testing, but in practice any non-NFS-serving zone on a machine where one is serving NFS can manifest this bug) getting clear_locks(8) invoked on it.
2.) Activated-and-then-deactivated nfssrv getting clear_locks(8) invoked on it after deactivation.
Also now Reviewed-by: Bill Sommerfeld.
xxxxx clear_locks(8) needs resilience
Reviewed by: Richard Lowe <richlowe@richlowe.net>
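The two halves of the fix described in the summary, the kernel side refusing to touch state on an instance that is not active and the userland side checking the return code, as an added illustrative model. This is not code from illumos, from nfssrv, or from this pull request: the type nfs_srv_inst_t, the state enum, and the functions clear_client_state_model(), activate_model(), deactivate_model() and clear_locks_model() are assumed stand-ins, and the only thing taken from the PR is the contract that an uninitialized or deactivated instance yields ENXIO and that the caller must act on it.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical stand-in for a per-zone NFS server stack instance.
 * None of these names are the real illumos nfssrv structures; they only
 * model the three situations the PR description talks about.
 */
typedef enum {
	INST_UNINITIALIZED = 0,	/* module loaded, never activated (non-NFS-serving zone) */
	INST_ACTIVE,		/* serving NFS; client state table exists */
	INST_DEACTIVATED	/* was serving, since shut down; table torn down */
} inst_state_t;

typedef struct {
	inst_state_t	state;
	int		clients_with_state;	/* stands in for the real client table */
	int		clear_calls;		/* how many times state was actually cleared */
} nfs_srv_inst_t;

void
activate_model(nfs_srv_inst_t *inst, int clients)
{
	inst->state = INST_ACTIVE;
	inst->clients_with_state = clients;
}

void
deactivate_model(nfs_srv_inst_t *inst)
{
	/* Tear the table down; anything walking it afterwards has nothing valid to walk. */
	inst->state = INST_DEACTIVATED;
	inst->clients_with_state = 0;
}

/*
 * Kernel-side model: only an ACTIVE instance has a client table to clear.
 * Returns 0 on success, ENXIO for an uninitialized or deactivated instance,
 * EINVAL for a bad client name. The point is that the state check happens
 * before any table access, so the non-active cases never reach it.
 */
int
clear_client_state_model(nfs_srv_inst_t *inst, const char *client)
{
	if (inst == NULL || inst->state != INST_ACTIVE)
		return (ENXIO);
	if (client == NULL || client[0] == '\0')
		return (EINVAL);
	inst->clear_calls++;
	if (inst->clients_with_state > 0)
		inst->clients_with_state--;
	return (0);
}

/*
 * clear_locks(8)-side model: check the return code instead of assuming the
 * call succeeded. Exit-style result: 0 cleared, 1 server not active in this
 * zone (ENXIO), 2 any other failure.
 */
int
clear_locks_model(nfs_srv_inst_t *inst, const char *client)
{
	int err = clear_client_state_model(inst, client);

	if (err == 0)
		return (0);
	if (err == ENXIO) {
		fprintf(stderr, "clear_locks: NFS server not active here: %s\n",
		    strerror(err));
		return (1);
	}
	fprintf(stderr, "clear_locks: clearing state for %s failed: %s\n",
	    client != NULL ? client : "(null)", strerror(err));
	return (2);
}

int
main(void)
{
	nfs_srv_inst_t inst = { INST_UNINITIALIZED, 0, 0 };

	/* Case 1 from the PR: never-activated instance. */
	printf("uninitialized: %d\n", clear_locks_model(&inst, "client-a"));
	/* Active instance: state really is cleared. */
	activate_model(&inst, 2);
	printf("active:        %d\n", clear_locks_model(&inst, "client-a"));
	/* Case 2 from the PR: activated, then deactivated. */
	deactivate_model(&inst);
	printf("deactivated:   %d\n", clear_locks_model(&inst, "client-a"));
	return (0);
}
```

The model keeps the state check in the callee rather than in clear_locks(8) because the caller runs in a zone that has no reliable way to know whether the server stack behind the ioctl was ever set up; the callee is the only place that knows, so it is where ENXIO has to originate, and the caller's only job is not to discard it.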