diff options
| author | Trond Myklebust <trond.myklebust@primarydata.com> | 2014-08-25 22:33:12 -0400 |
|---|---|---|
| committer | Trond Myklebust <trond.myklebust@primarydata.com> | 2014-08-26 16:17:48 -0400 |
| commit | aee7af356e151494d5014f57b33460b162f181b5 (patch) | |
| tree | c551c93d552db5b2992043d1c68404f7dd907df1 | |
| parent | 52addcf9d6669fa439387610bc65c92fa0980cef (diff) | |
NFSv4: Fix problems with close in the presence of a delegation
In the presence of delegations, we can no longer assume that the
state->n_rdwr, state->n_rdonly, state->n_wronly reflect the open
stateid share mode, and so we need to calculate the initial value
for calldata->arg.fmode using the state->flags.
Reported-by: James Drews <drews@engr.wisc.edu>
Fixes: 88069f77e1ac5 (NFSv41: Fix a potential state leakage when...)
Cc: stable@vger.kernel.org # 2.6.33+
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
| -rw-r--r-- | fs/nfs/nfs4proc.c | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c index 75ae8d22f067..ff94a2f36051 100644 --- a/fs/nfs/nfs4proc.c +++ b/fs/nfs/nfs4proc.c | |||
| @@ -2601,6 +2601,7 @@ static void nfs4_close_prepare(struct rpc_task *task, void *data) | |||
| 2601 | struct nfs4_closedata *calldata = data; | 2601 | struct nfs4_closedata *calldata = data; |
| 2602 | struct nfs4_state *state = calldata->state; | 2602 | struct nfs4_state *state = calldata->state; |
| 2603 | struct inode *inode = calldata->inode; | 2603 | struct inode *inode = calldata->inode; |
| 2604 | bool is_rdonly, is_wronly, is_rdwr; | ||
| 2604 | int call_close = 0; | 2605 | int call_close = 0; |
| 2605 | 2606 | ||
| 2606 | dprintk("%s: begin!\n", __func__); | 2607 | dprintk("%s: begin!\n", __func__); |
| @@ -2608,18 +2609,24 @@ static void nfs4_close_prepare(struct rpc_task *task, void *data) | |||
| 2608 | goto out_wait; | 2609 | goto out_wait; |
| 2609 | 2610 | ||
| 2610 | task->tk_msg.rpc_proc = &nfs4_procedures[NFSPROC4_CLNT_OPEN_DOWNGRADE]; | 2611 | task->tk_msg.rpc_proc = &nfs4_procedures[NFSPROC4_CLNT_OPEN_DOWNGRADE]; |
| 2611 | calldata->arg.fmode = FMODE_READ|FMODE_WRITE; | ||
| 2612 | spin_lock(&state->owner->so_lock); | 2612 | spin_lock(&state->owner->so_lock); |
| 2613 | is_rdwr = test_bit(NFS_O_RDWR_STATE, &state->flags); | ||
| 2614 | is_rdonly = test_bit(NFS_O_RDONLY_STATE, &state->flags); | ||
| 2615 | is_wronly = test_bit(NFS_O_WRONLY_STATE, &state->flags); | ||
| 2616 | /* Calculate the current open share mode */ | ||
| 2617 | calldata->arg.fmode = 0; | ||
| 2618 | if (is_rdonly || is_rdwr) | ||
| 2619 | calldata->arg.fmode |= FMODE_READ; | ||
| 2620 | if (is_wronly || is_rdwr) | ||
| 2621 | calldata->arg.fmode |= FMODE_WRITE; | ||
| 2613 | /* Calculate the change in open mode */ | 2622 | /* Calculate the change in open mode */ |
| 2614 | if (state->n_rdwr == 0) { | 2623 | if (state->n_rdwr == 0) { |
| 2615 | if (state->n_rdonly == 0) { | 2624 | if (state->n_rdonly == 0) { |
| 2616 | call_close |= test_bit(NFS_O_RDONLY_STATE, &state->flags); | 2625 | call_close |= is_rdonly || is_rdwr; |
| 2617 | call_close |= test_bit(NFS_O_RDWR_STATE, &state->flags); | ||
| 2618 | calldata->arg.fmode &= ~FMODE_READ; | 2626 | calldata->arg.fmode &= ~FMODE_READ; |
| 2619 | } | 2627 | } |
| 2620 | if (state->n_wronly == 0) { | 2628 | if (state->n_wronly == 0) { |
| 2621 | call_close |= test_bit(NFS_O_WRONLY_STATE, &state->flags); | 2629 | call_close |= is_wronly || is_rdwr; |
| 2622 | call_close |= test_bit(NFS_O_RDWR_STATE, &state->flags); | ||
| 2623 | calldata->arg.fmode &= ~FMODE_WRITE; | 2630 | calldata->arg.fmode &= ~FMODE_WRITE; |
| 2624 | } | 2631 | } |
| 2625 | } | 2632 | } |