diff options
| author | Jeff Layton <jlayton@redhat.com> | 2007-08-23 23:16:51 -0400 |
|---|---|---|
| committer | Steve French <sfrench@us.ibm.com> | 2007-08-23 23:16:51 -0400 |
| commit | 39db810cb6c1e7d1f2e43ae38b437b7ee72fe815 (patch) | |
| tree | 049b895e905cddeec0580388b636ca965b90ec8a /fs/cifs | |
| parent | 95ba7362105646523ee712fd252ec2e34ccbec15 (diff) | |
[CIFS] Byte range unlock request to non-Unix server can unlock too much
On a mount without posix extensions enabled, when an unlock request is
made, the client can release more than is intended. To reproduce, on a
CIFS mount without posix extensions enabled:
1) open file
2) do fcntl lock: start=0 len=1
3) do fcntl lock: start=2 len=1
4) do fcntl unlock: start=0 len=1
...on the unlock call the client sends an unlock request to the server
for both locks. The problem is a bad test in cifs_lock.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs')
| -rw-r--r-- | fs/cifs/CHANGES | 5 | ||||
| -rw-r--r-- | fs/cifs/file.c | 3 |
2 files changed, 6 insertions, 2 deletions
diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index bed6215c0794..41e3b6a9397c 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES | |||
| @@ -6,7 +6,10 @@ done with "serverino" mount option). Add support for POSIX Unlink | |||
| 6 | Samba supports newer POSIX CIFS Protocol Extensions). Add "nounix" | 6 | Samba supports newer POSIX CIFS Protocol Extensions). Add "nounix" |
| 7 | mount option to allow disabling the CIFS Unix Extensions for just | 7 | mount option to allow disabling the CIFS Unix Extensions for just |
| 8 | that mount. Fix hang on spinlock in find_writable_file (race when | 8 | that mount. Fix hang on spinlock in find_writable_file (race when |
| 9 | reopening file after session crash). | 9 | reopening file after session crash). Byte range unlock request to |
| 10 | windows server could unlock more bytes (on server copy of file) | ||
| 11 | than intended if start of unlock request is well before start of | ||
| 12 | a previous byte range lock that we issued. | ||
| 10 | 13 | ||
| 11 | Version 1.49 | 14 | Version 1.49 |
| 12 | ------------ | 15 | ------------ |
diff --git a/fs/cifs/file.c b/fs/cifs/file.c index 894b1f7b299d..f9bd8b83f40e 100644 --- a/fs/cifs/file.c +++ b/fs/cifs/file.c | |||
| @@ -767,7 +767,8 @@ int cifs_lock(struct file *file, int cmd, struct file_lock *pfLock) | |||
| 767 | mutex_lock(&fid->lock_mutex); | 767 | mutex_lock(&fid->lock_mutex); |
| 768 | list_for_each_entry_safe(li, tmp, &fid->llist, llist) { | 768 | list_for_each_entry_safe(li, tmp, &fid->llist, llist) { |
| 769 | if (pfLock->fl_start <= li->offset && | 769 | if (pfLock->fl_start <= li->offset && |
| 770 | length >= li->length) { | 770 | (pflock->fl_start + length) >= |
| 771 | (li->offset + li->length)) { | ||
| 771 | stored_rc = CIFSSMBLock(xid, pTcon, | 772 | stored_rc = CIFSSMBLock(xid, pTcon, |
| 772 | netfid, | 773 | netfid, |
| 773 | li->length, li->offset, | 774 | li->length, li->offset, |