From: Chuck Lever <chuck.lever@oracle.com>
To: Christoph Hellwig <hch@lst.de>
Cc: "J. Bruce Fields" <bfields@redhat.com>,
Jeff Layton <jlayton@poochiereds.net>,
Linux NFS Mailing List <linux-nfs@vger.kernel.org>,
stable@kernel.org
Subject: Re: [PATCH] nfsd: special case truncates some more
Date: Tue, 21 Feb 2017 10:07:51 -0500 [thread overview]
Message-ID: <5B8D7C50-70C3-43F8-B8D6-0B845B84D5F2@oracle.com> (raw)
In-Reply-To: <20170220062133.26607-2-hch@lst.de>
> On Feb 20, 2017, at 1:21 AM, Christoph Hellwig <hch@lst.de> wrote:
>
> Both the NFS protocols and the Linux VFS use a setattr operation with a
> bitmap of attributs to set to set various file attributes including the
> file size and the uid/gid.
>
> The Linux syscalls never mixes size updates with unrelated updates like
> the uid/gid, and some file systems like XFS and GFS2 rely on the fact
> that truncates might not update random other attributes, and many other
> file systems handle the case but do not update the different attributes
> in the same transaction. NFSD on the other hand passes the attributes
> it gets on the wire more or less directly through to the VFS, leading to
> updates the file systems don't expect. XFS at least has an assert on
> the allowed attributes, which caught an unusual NFS client setting the
> size and group at the same time.
>
> To handle this issue properly this splits the notify_change call in
> nfsd_setattr into two separate ones.
>
> Signed-off-by: Christoph Hellwig <hch@lst.de>
> Cc: stable@kernel.org
Tested-by: Chuck Lever <chuck.lever@oracle.com>
> ---
> fs/nfsd/vfs.c | 59 +++++++++++++++++++++++++++++++++++++----------------------
> 1 file changed, 37 insertions(+), 22 deletions(-)
>
> diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
> index 26c6fdb4bf67..3c36ed5a1f07 100644
> --- a/fs/nfsd/vfs.c
> +++ b/fs/nfsd/vfs.c
> @@ -377,7 +377,7 @@ nfsd_setattr(struct svc_rqst *rqstp, struct svc_fh *fhp, struct iattr *iap,
> __be32 err;
> int host_err;
> bool get_write_count;
> - int size_change = 0;
> + bool size_change = (iap->ia_valid & ATTR_SIZE);
>
> if (iap->ia_valid & (ATTR_ATIME | ATTR_MTIME | ATTR_SIZE))
> accmode |= NFSD_MAY_WRITE|NFSD_MAY_OWNER_OVERRIDE;
> @@ -390,11 +390,11 @@ nfsd_setattr(struct svc_rqst *rqstp, struct svc_fh *fhp, struct iattr *iap,
> /* Get inode */
> err = fh_verify(rqstp, fhp, ftype, accmode);
> if (err)
> - goto out;
> + return err;
> if (get_write_count) {
> host_err = fh_want_write(fhp);
> if (host_err)
> - return nfserrno(host_err);
> + goto out;
> }
>
> dentry = fhp->fh_dentry;
> @@ -405,20 +405,28 @@ nfsd_setattr(struct svc_rqst *rqstp, struct svc_fh *fhp, struct iattr *iap,
> iap->ia_valid &= ~ATTR_MODE;
>
> if (!iap->ia_valid)
> - goto out;
> + return 0;
>
> nfsd_sanitize_attrs(inode, iap);
>
> + if (check_guard && guardtime != inode->i_ctime.tv_sec)
> + return nfserr_notsync;
> +
> /*
> * The size case is special, it changes the file in addition to the
> - * attributes.
> + * attributes, and file systems don't expect it to be mixed with
> + * "random" attribute changes. We thus split out the size change
> + * into a separate call to ->setattr, and do the rest as a separate
> + * setattr call.
> */
> - if (iap->ia_valid & ATTR_SIZE) {
> + if (size_change) {
> err = nfsd_get_write_access(rqstp, fhp, iap);
> if (err)
> - goto out;
> - size_change = 1;
> + return err;
> + }
>
> + fh_lock(fhp);
> + if (size_change) {
> /*
> * RFC5661, Section 18.30.4:
> * Changing the size of a file with SETATTR indirectly
> @@ -426,29 +434,36 @@ nfsd_setattr(struct svc_rqst *rqstp, struct svc_fh *fhp, struct iattr *iap,
> *
> * (and similar for the older RFCs)
> */
> - if (iap->ia_size != i_size_read(inode))
> - iap->ia_valid |= ATTR_MTIME;
> - }
> + struct iattr size_attr = {
> + .ia_valid = ATTR_SIZE | ATTR_CTIME | ATTR_MTIME,
> + .ia_size = iap->ia_size,
> + };
>
> - iap->ia_valid |= ATTR_CTIME;
> + host_err = notify_change(dentry, &size_attr, NULL);
> + if (host_err)
> + goto out_unlock;
> + iap->ia_valid &= ~ATTR_SIZE;
>
> - if (check_guard && guardtime != inode->i_ctime.tv_sec) {
> - err = nfserr_notsync;
> - goto out_put_write_access;
> + /*
> + * Avoid the additional setattr call below if the only other
> + * attribute that the client sends is the mtime, as we update
> + * it as part of the size change above.
> + */
> + if ((iap->ia_valid & ~ATTR_MTIME) == 0)
> + goto out_unlock;
> }
>
> - fh_lock(fhp);
> + iap->ia_valid |= ATTR_CTIME;
> host_err = notify_change(dentry, iap, NULL);
> - fh_unlock(fhp);
> - err = nfserrno(host_err);
>
> -out_put_write_access:
> +out_unlock:
> + fh_unlock(fhp);
> if (size_change)
> put_write_access(inode);
> - if (!err)
> - err = nfserrno(commit_metadata(fhp));
> out:
> - return err;
> + if (!host_err)
> + host_err = commit_metadata(fhp);
> + return nfserrno(host_err);
> }
>
> #if defined(CONFIG_NFSD_V4)
> --
> 2.11.0
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Chuck Lever
next prev parent reply other threads:[~2017-02-21 15:08 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-20 6:21 split setattr operations take 2 Christoph Hellwig
2017-02-20 6:21 ` [PATCH] nfsd: special case truncates some more Christoph Hellwig
2017-02-20 22:23 ` J. Bruce Fields
2017-02-21 15:07 ` Chuck Lever [this message]
2017-02-21 15:14 ` J. Bruce Fields
-- strict thread matches above, loose matches on Subject: below --
2017-01-22 16:54 setattr ATTR_SIZE vs the rest Christoph Hellwig
2017-01-22 16:54 ` [PATCH] nfsd: special case truncates some more Christoph Hellwig
2017-01-23 12:21 ` Jeff Layton
2017-01-23 12:33 ` Christoph Hellwig
2017-01-23 15:36 ` Christoph Hellwig
2017-01-23 15:36 ` Christoph Hellwig
2017-01-23 15:52 ` Jeff Layton
2017-01-23 16:05 ` Christoph Hellwig
2017-01-23 16:14 ` Jeff Layton
2017-01-23 16:20 ` Trond Myklebust
2017-01-23 16:20 ` Trond Myklebust
2017-01-23 16:26 ` hch
2017-01-23 17:25 ` Trond Myklebust
2017-01-23 17:25 ` Trond Myklebust
2017-01-23 17:38 ` hch
2017-01-23 17:42 ` Trond Myklebust
2017-01-23 17:42 ` Trond Myklebust
2017-01-24 16:25 ` J. Bruce Fields
2017-01-24 22:02 ` J. Bruce Fields
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5B8D7C50-70C3-43F8-B8D6-0B845B84D5F2@oracle.com \
--to=chuck.lever@oracle.com \
--cc=bfields@redhat.com \
--cc=hch@lst.de \
--cc=jlayton@poochiereds.net \
--cc=linux-nfs@vger.kernel.org \
--cc=stable@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.