diff options
| author | Andrew Elble <aweits@rit.edu> | 2017-11-09 13:41:10 -0500 |
|---|---|---|
| committer | J. Bruce Fields <bfields@redhat.com> | 2017-11-27 16:45:11 -0500 |
| commit | ae254dac721d44c0bfebe2795df87459e2e88219 (patch) | |
| tree | e331811665f7a8aaf13319a70920b6eec21fda82 /fs/nfsd | |
| parent | 64ebe12494fd5d193f014ce38e1fd83cc57883c8 (diff) | |
nfsd: check for use of the closed special stateid
Prevent the use of the closed (invalid) special stateid by clients.
Signed-off-by: Andrew Elble <aweits@rit.edu>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Diffstat (limited to 'fs/nfsd')
| -rw-r--r-- | fs/nfsd/nfs4state.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c index d0992d59f4e1..73451436c1c2 100644 --- a/fs/nfsd/nfs4state.c +++ b/fs/nfsd/nfs4state.c | |||
| @@ -72,6 +72,7 @@ static u64 current_sessionid = 1; | |||
| 72 | #define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t))) | 72 | #define ZERO_STATEID(stateid) (!memcmp((stateid), &zero_stateid, sizeof(stateid_t))) |
| 73 | #define ONE_STATEID(stateid) (!memcmp((stateid), &one_stateid, sizeof(stateid_t))) | 73 | #define ONE_STATEID(stateid) (!memcmp((stateid), &one_stateid, sizeof(stateid_t))) |
| 74 | #define CURRENT_STATEID(stateid) (!memcmp((stateid), ¤tstateid, sizeof(stateid_t))) | 74 | #define CURRENT_STATEID(stateid) (!memcmp((stateid), ¤tstateid, sizeof(stateid_t))) |
| 75 | #define CLOSE_STATEID(stateid) (!memcmp((stateid), &close_stateid, sizeof(stateid_t))) | ||
| 75 | 76 | ||
| 76 | /* forward declarations */ | 77 | /* forward declarations */ |
| 77 | static bool check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner); | 78 | static bool check_for_locks(struct nfs4_file *fp, struct nfs4_lockowner *lowner); |
| @@ -4936,7 +4937,8 @@ static __be32 nfsd4_validate_stateid(struct nfs4_client *cl, stateid_t *stateid) | |||
| 4936 | struct nfs4_stid *s; | 4937 | struct nfs4_stid *s; |
| 4937 | __be32 status = nfserr_bad_stateid; | 4938 | __be32 status = nfserr_bad_stateid; |
| 4938 | 4939 | ||
| 4939 | if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) | 4940 | if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) || |
| 4941 | CLOSE_STATEID(stateid)) | ||
| 4940 | return status; | 4942 | return status; |
| 4941 | /* Client debugging aid. */ | 4943 | /* Client debugging aid. */ |
| 4942 | if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) { | 4944 | if (!same_clid(&stateid->si_opaque.so_clid, &cl->cl_clientid)) { |
| @@ -4994,7 +4996,8 @@ nfsd4_lookup_stateid(struct nfsd4_compound_state *cstate, | |||
| 4994 | else if (typemask & NFS4_DELEG_STID) | 4996 | else if (typemask & NFS4_DELEG_STID) |
| 4995 | typemask |= NFS4_REVOKED_DELEG_STID; | 4997 | typemask |= NFS4_REVOKED_DELEG_STID; |
| 4996 | 4998 | ||
| 4997 | if (ZERO_STATEID(stateid) || ONE_STATEID(stateid)) | 4999 | if (ZERO_STATEID(stateid) || ONE_STATEID(stateid) || |
| 5000 | CLOSE_STATEID(stateid)) | ||
| 4998 | return nfserr_bad_stateid; | 5001 | return nfserr_bad_stateid; |
| 4999 | status = lookup_clientid(&stateid->si_opaque.so_clid, cstate, nn); | 5002 | status = lookup_clientid(&stateid->si_opaque.so_clid, cstate, nn); |
| 5000 | if (status == nfserr_stale_clientid) { | 5003 | if (status == nfserr_stale_clientid) { |