aboutsummaryrefslogtreecommitdiffstats
path: root/fs/nfsd
diff options
context:
space:
mode:
Diffstat (limited to 'fs/nfsd')
-rw-r--r--fs/nfsd/export.c2
-rw-r--r--fs/nfsd/nfs4state.c32
-rw-r--r--fs/nfsd/nfsfh.c27
-rw-r--r--fs/nfsd/vfs.c14
4 files changed, 41 insertions, 34 deletions
diff --git a/fs/nfsd/export.c b/fs/nfsd/export.c
index 3eec30000f3f..01bc68c628ad 100644
--- a/fs/nfsd/export.c
+++ b/fs/nfsd/export.c
@@ -126,7 +126,7 @@ static int expkey_parse(struct cache_detail *cd, char *mesg, int mlen)
126 if (*ep) 126 if (*ep)
127 goto out; 127 goto out;
128 dprintk("found fsidtype %d\n", fsidtype); 128 dprintk("found fsidtype %d\n", fsidtype);
129 if (fsidtype > 2) 129 if (key_len(fsidtype)==0) /* invalid type */
130 goto out; 130 goto out;
131 if ((len=qword_get(&mesg, buf, PAGE_SIZE)) <= 0) 131 if ((len=qword_get(&mesg, buf, PAGE_SIZE)) <= 0)
132 goto out; 132 goto out;
diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
index 7c7d01672d35..9daa0b9feb8d 100644
--- a/fs/nfsd/nfs4state.c
+++ b/fs/nfsd/nfs4state.c
@@ -1237,8 +1237,15 @@ find_file(struct inode *ino)
1237 return NULL; 1237 return NULL;
1238} 1238}
1239 1239
1240#define TEST_ACCESS(x) ((x > 0 || x < 4)?1:0) 1240static int access_valid(u32 x)
1241#define TEST_DENY(x) ((x >= 0 || x < 5)?1:0) 1241{
1242 return (x > 0 && x < 4);
1243}
1244
1245static int deny_valid(u32 x)
1246{
1247 return (x >= 0 && x < 5);
1248}
1242 1249
1243static void 1250static void
1244set_access(unsigned int *access, unsigned long bmap) { 1251set_access(unsigned int *access, unsigned long bmap) {
@@ -1745,7 +1752,8 @@ nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nf
1745 int status; 1752 int status;
1746 1753
1747 status = nfserr_inval; 1754 status = nfserr_inval;
1748 if (!TEST_ACCESS(open->op_share_access) || !TEST_DENY(open->op_share_deny)) 1755 if (!access_valid(open->op_share_access)
1756 || !deny_valid(open->op_share_deny))
1749 goto out; 1757 goto out;
1750 /* 1758 /*
1751 * Lookup file; if found, lookup stateid and check open request, 1759 * Lookup file; if found, lookup stateid and check open request,
@@ -1782,10 +1790,10 @@ nfsd4_process_open2(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nf
1782 } else { 1790 } else {
1783 /* Stateid was not found, this is a new OPEN */ 1791 /* Stateid was not found, this is a new OPEN */
1784 int flags = 0; 1792 int flags = 0;
1793 if (open->op_share_access & NFS4_SHARE_ACCESS_READ)
1794 flags |= MAY_READ;
1785 if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE) 1795 if (open->op_share_access & NFS4_SHARE_ACCESS_WRITE)
1786 flags = MAY_WRITE; 1796 flags |= MAY_WRITE;
1787 else
1788 flags = MAY_READ;
1789 status = nfs4_new_open(rqstp, &stp, dp, current_fh, flags); 1797 status = nfs4_new_open(rqstp, &stp, dp, current_fh, flags);
1790 if (status) 1798 if (status)
1791 goto out; 1799 goto out;
@@ -2070,16 +2078,12 @@ nfs4_preprocess_stateid_op(struct svc_fh *current_fh, stateid_t *stateid, int fl
2070 if (!stateid->si_fileid) { /* delegation stateid */ 2078 if (!stateid->si_fileid) { /* delegation stateid */
2071 if(!(dp = find_delegation_stateid(ino, stateid))) { 2079 if(!(dp = find_delegation_stateid(ino, stateid))) {
2072 dprintk("NFSD: delegation stateid not found\n"); 2080 dprintk("NFSD: delegation stateid not found\n");
2073 if (nfs4_in_grace())
2074 status = nfserr_grace;
2075 goto out; 2081 goto out;
2076 } 2082 }
2077 stidp = &dp->dl_stateid; 2083 stidp = &dp->dl_stateid;
2078 } else { /* open or lock stateid */ 2084 } else { /* open or lock stateid */
2079 if (!(stp = find_stateid(stateid, flags))) { 2085 if (!(stp = find_stateid(stateid, flags))) {
2080 dprintk("NFSD: open or lock stateid not found\n"); 2086 dprintk("NFSD: open or lock stateid not found\n");
2081 if (nfs4_in_grace())
2082 status = nfserr_grace;
2083 goto out; 2087 goto out;
2084 } 2088 }
2085 if ((flags & CHECK_FH) && nfs4_check_fh(current_fh, stp)) 2089 if ((flags & CHECK_FH) && nfs4_check_fh(current_fh, stp))
@@ -2252,8 +2256,9 @@ nfsd4_open_confirm(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfs
2252 (int)current_fh->fh_dentry->d_name.len, 2256 (int)current_fh->fh_dentry->d_name.len,
2253 current_fh->fh_dentry->d_name.name); 2257 current_fh->fh_dentry->d_name.name);
2254 2258
2255 if ((status = fh_verify(rqstp, current_fh, S_IFREG, 0))) 2259 status = fh_verify(rqstp, current_fh, S_IFREG, 0);
2256 goto out; 2260 if (status)
2261 return status;
2257 2262
2258 nfs4_lock_state(); 2263 nfs4_lock_state();
2259 2264
@@ -2320,7 +2325,8 @@ nfsd4_open_downgrade(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct n
2320 (int)current_fh->fh_dentry->d_name.len, 2325 (int)current_fh->fh_dentry->d_name.len,
2321 current_fh->fh_dentry->d_name.name); 2326 current_fh->fh_dentry->d_name.name);
2322 2327
2323 if (!TEST_ACCESS(od->od_share_access) || !TEST_DENY(od->od_share_deny)) 2328 if (!access_valid(od->od_share_access)
2329 || !deny_valid(od->od_share_deny))
2324 return nfserr_inval; 2330 return nfserr_inval;
2325 2331
2326 nfs4_lock_state(); 2332 nfs4_lock_state();
diff --git a/fs/nfsd/nfsfh.c b/fs/nfsd/nfsfh.c
index 3f2ec2e6d06c..ecc439d2565f 100644
--- a/fs/nfsd/nfsfh.c
+++ b/fs/nfsd/nfsfh.c
@@ -187,13 +187,6 @@ fh_verify(struct svc_rqst *rqstp, struct svc_fh *fhp, int type, int access)
187 goto out; 187 goto out;
188 } 188 }
189 189
190 /* Set user creds for this exportpoint */
191 error = nfsd_setuser(rqstp, exp);
192 if (error) {
193 error = nfserrno(error);
194 goto out;
195 }
196
197 /* 190 /*
198 * Look up the dentry using the NFS file handle. 191 * Look up the dentry using the NFS file handle.
199 */ 192 */
@@ -251,6 +244,14 @@ fh_verify(struct svc_rqst *rqstp, struct svc_fh *fhp, int type, int access)
251 } 244 }
252 cache_get(&exp->h); 245 cache_get(&exp->h);
253 246
247 /* Set user creds for this exportpoint; necessary even in the "just
248 * checking" case because this may be a filehandle that was created by
249 * fh_compose, and that is about to be used in another nfsv4 compound
250 * operation */
251 error = nfserrno(nfsd_setuser(rqstp, exp));
252 if (error)
253 goto out;
254
254 error = nfsd_mode_check(rqstp, dentry->d_inode->i_mode, type); 255 error = nfsd_mode_check(rqstp, dentry->d_inode->i_mode, type);
255 if (error) 256 if (error)
256 goto out; 257 goto out;
@@ -312,8 +313,8 @@ int
312fh_compose(struct svc_fh *fhp, struct svc_export *exp, struct dentry *dentry, struct svc_fh *ref_fh) 313fh_compose(struct svc_fh *fhp, struct svc_export *exp, struct dentry *dentry, struct svc_fh *ref_fh)
313{ 314{
314 /* ref_fh is a reference file handle. 315 /* ref_fh is a reference file handle.
315 * if it is non-null, then we should compose a filehandle which is 316 * if it is non-null and for the same filesystem, then we should compose
316 * of the same version, where possible. 317 * a filehandle which is of the same version, where possible.
317 * Currently, that means that if ref_fh->fh_handle.fh_version == 0xca 318 * Currently, that means that if ref_fh->fh_handle.fh_version == 0xca
318 * Then create a 32byte filehandle using nfs_fhbase_old 319 * Then create a 32byte filehandle using nfs_fhbase_old
319 * 320 *
@@ -332,7 +333,7 @@ fh_compose(struct svc_fh *fhp, struct svc_export *exp, struct dentry *dentry, st
332 parent->d_name.name, dentry->d_name.name, 333 parent->d_name.name, dentry->d_name.name,
333 (inode ? inode->i_ino : 0)); 334 (inode ? inode->i_ino : 0));
334 335
335 if (ref_fh) { 336 if (ref_fh && ref_fh->fh_export == exp) {
336 ref_fh_version = ref_fh->fh_handle.fh_version; 337 ref_fh_version = ref_fh->fh_handle.fh_version;
337 if (ref_fh_version == 0xca) 338 if (ref_fh_version == 0xca)
338 ref_fh_fsid_type = 0; 339 ref_fh_fsid_type = 0;
@@ -461,7 +462,7 @@ fh_update(struct svc_fh *fhp)
461 } else { 462 } else {
462 int size; 463 int size;
463 if (fhp->fh_handle.fh_fileid_type != 0) 464 if (fhp->fh_handle.fh_fileid_type != 0)
464 goto out_uptodate; 465 goto out;
465 datap = fhp->fh_handle.fh_auth+ 466 datap = fhp->fh_handle.fh_auth+
466 fhp->fh_handle.fh_size/4 -1; 467 fhp->fh_handle.fh_size/4 -1;
467 size = (fhp->fh_maxsize - fhp->fh_handle.fh_size)/4; 468 size = (fhp->fh_maxsize - fhp->fh_handle.fh_size)/4;
@@ -481,10 +482,6 @@ out_negative:
481 printk(KERN_ERR "fh_update: %s/%s still negative!\n", 482 printk(KERN_ERR "fh_update: %s/%s still negative!\n",
482 dentry->d_parent->d_name.name, dentry->d_name.name); 483 dentry->d_parent->d_name.name, dentry->d_name.name);
483 goto out; 484 goto out;
484out_uptodate:
485 printk(KERN_ERR "fh_update: %s/%s already up-to-date!\n",
486 dentry->d_parent->d_name.name, dentry->d_name.name);
487 goto out;
488} 485}
489 486
490/* 487/*
diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
index da3ec74d8a43..c9e3b5a8fe07 100644
--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -672,7 +672,10 @@ nfsd_open(struct svc_rqst *rqstp, struct svc_fh *fhp, int type,
672 goto out_nfserr; 672 goto out_nfserr;
673 673
674 if (access & MAY_WRITE) { 674 if (access & MAY_WRITE) {
675 flags = O_WRONLY|O_LARGEFILE; 675 if (access & MAY_READ)
676 flags = O_RDWR|O_LARGEFILE;
677 else
678 flags = O_WRONLY|O_LARGEFILE;
676 679
677 DQUOT_INIT(inode); 680 DQUOT_INIT(inode);
678 } 681 }
@@ -833,7 +836,7 @@ nfsd_vfs_read(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file *file,
833 if (ra && ra->p_set) 836 if (ra && ra->p_set)
834 file->f_ra = ra->p_ra; 837 file->f_ra = ra->p_ra;
835 838
836 if (file->f_op->sendfile) { 839 if (file->f_op->sendfile && rqstp->rq_sendfile_ok) {
837 svc_pushback_unused_pages(rqstp); 840 svc_pushback_unused_pages(rqstp);
838 err = file->f_op->sendfile(file, &offset, *count, 841 err = file->f_op->sendfile(file, &offset, *count,
839 nfsd_read_actor, rqstp); 842 nfsd_read_actor, rqstp);
@@ -1516,14 +1519,15 @@ nfsd_link(struct svc_rqst *rqstp, struct svc_fh *ffhp,
1516 err = nfserrno(err); 1519 err = nfserrno(err);
1517 } 1520 }
1518 1521
1519 fh_unlock(ffhp);
1520 dput(dnew); 1522 dput(dnew);
1523out_unlock:
1524 fh_unlock(ffhp);
1521out: 1525out:
1522 return err; 1526 return err;
1523 1527
1524out_nfserr: 1528out_nfserr:
1525 err = nfserrno(err); 1529 err = nfserrno(err);
1526 goto out; 1530 goto out_unlock;
1527} 1531}
1528 1532
1529/* 1533/*
@@ -1552,7 +1556,7 @@ nfsd_rename(struct svc_rqst *rqstp, struct svc_fh *ffhp, char *fname, int flen,
1552 tdir = tdentry->d_inode; 1556 tdir = tdentry->d_inode;
1553 1557
1554 err = (rqstp->rq_vers == 2) ? nfserr_acces : nfserr_xdev; 1558 err = (rqstp->rq_vers == 2) ? nfserr_acces : nfserr_xdev;
1555 if (fdir->i_sb != tdir->i_sb) 1559 if (ffhp->fh_export != tfhp->fh_export)
1556 goto out; 1560 goto out;
1557 1561
1558 err = nfserr_perm; 1562 err = nfserr_perm;