diff options
| author | Neil Brown <neilb@suse.de> | 2012-12-07 15:40:55 -0500 |
|---|---|---|
| committer | Ben Hutchings <ben@decadent.org.uk> | 2013-01-03 03:33:35 +0000 |
| commit | 65ad4f419b64f0f7768cb564fee61667737c6b5c (patch) | |
| tree | d15e7281b9f48069a6619b2a669c7f076893f686 /fs/nfsd | |
| parent | 3d66fd735d84acb52b09fd5c441e3b206cd226a5 (diff) | |
| download | kernel_samsung_smdk4412-65ad4f419b64f0f7768cb564fee61667737c6b5c.zip kernel_samsung_smdk4412-65ad4f419b64f0f7768cb564fee61667737c6b5c.tar.gz kernel_samsung_smdk4412-65ad4f419b64f0f7768cb564fee61667737c6b5c.tar.bz2 | |
nfsd: avoid permission checks on EXCLUSIVE_CREATE replay
commit 7007c90fb9fef593b4aeaeee57e6a6754276c97c upstream.
With NFSv4, if we create a file then open it we explicit avoid checking
the permissions on the file during the open because the fact that we
created it ensures we should be allow to open it (the create and the
open should appear to be a single operation).
However if the reply to an EXCLUSIVE create gets lots and the client
resends the create, the current code will perform the permission check -
because it doesn't realise that it did the open already..
This patch should fix this.
Note that I haven't actually seen this cause a problem. I was just
looking at the code trying to figure out a different EXCLUSIVE open
related issue, and this looked wrong.
(Fix confirmed with pynfs 4.0 test OPEN4--bfields)
Signed-off-by: NeilBrown <neilb@suse.de>
[bfields: use OWNER_OVERRIDE and update for 4.1]
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
[bwh: Backported to 3.2:
- Adjust context
- Use current_fh as file handle in do_open_lookup()]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Diffstat (limited to 'fs/nfsd')
| -rw-r--r-- | fs/nfsd/nfs4proc.c | 8 | ||||
| -rw-r--r-- | fs/nfsd/vfs.c | 10 |
2 files changed, 13 insertions, 5 deletions
diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c index b8c5538..fe5c5fb 100644 --- a/fs/nfsd/nfs4proc.c +++ b/fs/nfsd/nfs4proc.c @@ -193,6 +193,7 @@ static __be32 do_open_lookup(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_open *open) { struct svc_fh resfh; + int accmode; __be32 status; fh_init(&resfh, NFS4_FHSIZE); @@ -252,9 +253,10 @@ do_open_lookup(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_o /* set reply cache */ fh_copy_shallow(&open->op_openowner->oo_owner.so_replay.rp_openfh, &resfh.fh_handle); - if (!open->op_created) - status = do_open_permission(rqstp, current_fh, open, - NFSD_MAY_NOP); + accmode = NFSD_MAY_NOP; + if (open->op_created) + accmode |= NFSD_MAY_OWNER_OVERRIDE; + status = do_open_permission(rqstp, current_fh, open, accmode); out: fh_put(&resfh); diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c index 5c3cd82..1ec1fde 100644 --- a/fs/nfsd/vfs.c +++ b/fs/nfsd/vfs.c @@ -1458,13 +1458,19 @@ do_nfsd_create(struct svc_rqst *rqstp, struct svc_fh *fhp, case NFS3_CREATE_EXCLUSIVE: if ( dchild->d_inode->i_mtime.tv_sec == v_mtime && dchild->d_inode->i_atime.tv_sec == v_atime - && dchild->d_inode->i_size == 0 ) + && dchild->d_inode->i_size == 0 ) { + if (created) + *created = 1; break; + } case NFS4_CREATE_EXCLUSIVE4_1: if ( dchild->d_inode->i_mtime.tv_sec == v_mtime && dchild->d_inode->i_atime.tv_sec == v_atime - && dchild->d_inode->i_size == 0 ) + && dchild->d_inode->i_size == 0 ) { + if (created) + *created = 1; goto set_attr; + } /* fallthru */ case NFS3_CREATE_GUARDED: err = nfserr_exist; |