* [PATCH AUTOSEL 4.19 003/252] nfsd4: avoid NULL deference on strange COPY compounds
[not found] <20200214161147.15842-1-sashal@kernel.org>
@ 2020-02-14 16:07 ` Sasha Levin
2020-02-14 16:08 ` [PATCH AUTOSEL 4.19 031/252] nfs: NFS_SWAP should depend on SWAP Sasha Levin
` (4 subsequent siblings)
5 siblings, 0 replies; 6+ messages in thread
From: Sasha Levin @ 2020-02-14 16:07 UTC (permalink / raw)
To: linux-kernel, stable
Cc: J. Bruce Fields, Dan Carpenter, Sasha Levin, linux-nfs
From: "J. Bruce Fields" <bfields@redhat.com>
[ Upstream commit d781e3df710745fbbaee4eb07fd5b64331a1b175 ]
With cross-server COPY we've introduced the possibility that the current
or saved filehandle might not have fh_dentry/fh_export filled in, but we
missed a place that assumed it was. I think this could be triggered by
a compound like:
PUTFH(foreign filehandle)
GETATTR
SAVEFH
COPY
First, check_if_stalefh_allowed sets no_verify on the first (PUTFH) op.
Then op_func = nfsd4_putfh runs and leaves current_fh->fh_export NULL.
need_wrongsec_check returns true, since this PUTFH has OP_IS_PUTFH_LIKE
set and GETATTR does not have OP_HANDLES_WRONGSEC set.
We should probably also consider tightening the checks in
check_if_stalefh_allowed and double-checking that we don't assume the
filehandle is verified elsewhere in the compound. But I think this
fixes the immediate issue.
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Fixes: 4e48f1cccab3 "NFSD: allow inter server COPY to have... "
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
fs/nfsd/nfs4proc.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c
index f35aa9f88b5ec..895123518fd42 100644
--- a/fs/nfsd/nfs4proc.c
+++ b/fs/nfsd/nfs4proc.c
@@ -1789,7 +1789,8 @@ nfsd4_proc_compound(struct svc_rqst *rqstp)
if (op->opdesc->op_flags & OP_CLEAR_STATEID)
clear_current_stateid(cstate);
- if (need_wrongsec_check(rqstp))
+ if (current_fh->fh_export &&
+ need_wrongsec_check(rqstp))
op->status = check_nfsd_access(current_fh->fh_export, rqstp);
}
encode_op:
--
2.20.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH AUTOSEL 4.19 031/252] nfs: NFS_SWAP should depend on SWAP
[not found] <20200214161147.15842-1-sashal@kernel.org>
2020-02-14 16:07 ` [PATCH AUTOSEL 4.19 003/252] nfsd4: avoid NULL deference on strange COPY compounds Sasha Levin
@ 2020-02-14 16:08 ` Sasha Levin
2020-02-14 16:10 ` [PATCH AUTOSEL 4.19 175/252] NFS: Revalidate the file size on a fatal write error Sasha Levin
` (3 subsequent siblings)
5 siblings, 0 replies; 6+ messages in thread
From: Sasha Levin @ 2020-02-14 16:08 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Geert Uytterhoeven, Anna Schumaker, Sasha Levin, linux-nfs
From: Geert Uytterhoeven <geert+renesas@glider.be>
[ Upstream commit 474c4f306eefbb21b67ebd1de802d005c7d7ecdc ]
If CONFIG_SWAP=n, it does not make much sense to offer the user the
option to enable support for swapping over NFS, as that will still fail
at run time:
# swapon /swap
swapon: /swap: swapon failed: Function not implemented
Fix this by adding a dependency on CONFIG_SWAP.
Fixes: a564b8f0398636ba ("nfs: enable swap on NFS")
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
fs/nfs/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/nfs/Kconfig b/fs/nfs/Kconfig
index 5f93cfacb3d14..ac3e06367cb68 100644
--- a/fs/nfs/Kconfig
+++ b/fs/nfs/Kconfig
@@ -89,7 +89,7 @@ config NFS_V4
config NFS_SWAP
bool "Provide swap over NFS support"
default n
- depends on NFS_FS
+ depends on NFS_FS && SWAP
select SUNRPC_SWAP
help
This option enables swapon to work on files located on NFS mounts.
--
2.20.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH AUTOSEL 4.19 175/252] NFS: Revalidate the file size on a fatal write error
[not found] <20200214161147.15842-1-sashal@kernel.org>
2020-02-14 16:07 ` [PATCH AUTOSEL 4.19 003/252] nfsd4: avoid NULL deference on strange COPY compounds Sasha Levin
2020-02-14 16:08 ` [PATCH AUTOSEL 4.19 031/252] nfs: NFS_SWAP should depend on SWAP Sasha Levin
@ 2020-02-14 16:10 ` Sasha Levin
2020-02-14 16:10 ` [PATCH AUTOSEL 4.19 176/252] NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes() Sasha Levin
` (2 subsequent siblings)
5 siblings, 0 replies; 6+ messages in thread
From: Sasha Levin @ 2020-02-14 16:10 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Trond Myklebust, Trond Myklebust, Anna Schumaker, Sasha Levin, linux-nfs
From: Trond Myklebust <trondmy@gmail.com>
[ Upstream commit 0df68ced55443243951d02cc497be31fadf28173 ]
If we suffer a fatal error upon writing a file, which causes us to
need to revalidate the entire mapping, then we should also revalidate
the file size.
Fixes: d2ceb7e57086 ("NFS: Don't use page_file_mapping after removing the page")
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
fs/nfs/write.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/fs/nfs/write.c b/fs/nfs/write.c
index e27637fa0f790..e8152781814dd 100644
--- a/fs/nfs/write.c
+++ b/fs/nfs/write.c
@@ -240,7 +240,15 @@ static void nfs_grow_file(struct page *page, unsigned int offset, unsigned int c
/* A writeback failed: mark the page as bad, and invalidate the page cache */
static void nfs_set_pageerror(struct address_space *mapping)
{
+ struct inode *inode = mapping->host;
+
nfs_zap_mapping(mapping->host, mapping);
+ /* Force file size revalidation */
+ spin_lock(&inode->i_lock);
+ NFS_I(inode)->cache_validity |= NFS_INO_REVAL_FORCED |
+ NFS_INO_REVAL_PAGECACHE |
+ NFS_INO_INVALID_SIZE;
+ spin_unlock(&inode->i_lock);
}
/*
--
2.20.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH AUTOSEL 4.19 176/252] NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes()
[not found] <20200214161147.15842-1-sashal@kernel.org>
` (2 preceding siblings ...)
2020-02-14 16:10 ` [PATCH AUTOSEL 4.19 175/252] NFS: Revalidate the file size on a fatal write error Sasha Levin
@ 2020-02-14 16:10 ` Sasha Levin
2020-02-14 16:11 ` [PATCH AUTOSEL 4.19 247/252] NFS: Fix memory leaks Sasha Levin
2020-02-14 16:11 ` [PATCH AUTOSEL 4.19 248/252] NFSv4: try lease recovery on NFS4ERR_EXPIRED Sasha Levin
5 siblings, 0 replies; 6+ messages in thread
From: Sasha Levin @ 2020-02-14 16:10 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Trond Myklebust, Trond Myklebust, Anna Schumaker, Sasha Levin, linux-nfs
From: Trond Myklebust <trondmy@gmail.com>
[ Upstream commit 221203ce6406273cf00e5c6397257d986c003ee6 ]
Instead of making assumptions about the commit verifier contents, change
the commit code to ensure we always check that the verifier was set
by the XDR code.
Fixes: f54bcf2ecee9 ("pnfs: Prepare for flexfiles by pulling out common code")
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
fs/nfs/direct.c | 4 ++--
fs/nfs/nfs3xdr.c | 5 ++++-
fs/nfs/nfs4xdr.c | 5 ++++-
fs/nfs/pnfs_nfs.c | 7 +++----
fs/nfs/write.c | 4 +++-
5 files changed, 16 insertions(+), 9 deletions(-)
diff --git a/fs/nfs/direct.c b/fs/nfs/direct.c
index 29b70337dcd9f..c61bd3fc723ee 100644
--- a/fs/nfs/direct.c
+++ b/fs/nfs/direct.c
@@ -261,10 +261,10 @@ static int nfs_direct_cmp_commit_data_verf(struct nfs_direct_req *dreq,
data->ds_commit_index);
/* verifier not set so always fail */
- if (verfp->committed < 0)
+ if (verfp->committed < 0 || data->res.verf->committed <= NFS_UNSTABLE)
return 1;
- return nfs_direct_cmp_verf(verfp, &data->verf);
+ return nfs_direct_cmp_verf(verfp, data->res.verf);
}
/**
diff --git a/fs/nfs/nfs3xdr.c b/fs/nfs/nfs3xdr.c
index 64e4fa33d89f0..9956453aa6ffc 100644
--- a/fs/nfs/nfs3xdr.c
+++ b/fs/nfs/nfs3xdr.c
@@ -2380,6 +2380,7 @@ static int nfs3_xdr_dec_commit3res(struct rpc_rqst *req,
void *data)
{
struct nfs_commitres *result = data;
+ struct nfs_writeverf *verf = result->verf;
enum nfs_stat status;
int error;
@@ -2392,7 +2393,9 @@ static int nfs3_xdr_dec_commit3res(struct rpc_rqst *req,
result->op_status = status;
if (status != NFS3_OK)
goto out_status;
- error = decode_writeverf3(xdr, &result->verf->verifier);
+ error = decode_writeverf3(xdr, &verf->verifier);
+ if (!error)
+ verf->committed = NFS_FILE_SYNC;
out:
return error;
out_status:
diff --git a/fs/nfs/nfs4xdr.c b/fs/nfs/nfs4xdr.c
index 1c0227c78a7bc..c4cf0192d7bb8 100644
--- a/fs/nfs/nfs4xdr.c
+++ b/fs/nfs/nfs4xdr.c
@@ -4439,11 +4439,14 @@ static int decode_write_verifier(struct xdr_stream *xdr, struct nfs_write_verifi
static int decode_commit(struct xdr_stream *xdr, struct nfs_commitres *res)
{
+ struct nfs_writeverf *verf = res->verf;
int status;
status = decode_op_hdr(xdr, OP_COMMIT);
if (!status)
- status = decode_write_verifier(xdr, &res->verf->verifier);
+ status = decode_write_verifier(xdr, &verf->verifier);
+ if (!status)
+ verf->committed = NFS_FILE_SYNC;
return status;
}
diff --git a/fs/nfs/pnfs_nfs.c b/fs/nfs/pnfs_nfs.c
index d5e4d3cd8c7f1..acfb52bc0007d 100644
--- a/fs/nfs/pnfs_nfs.c
+++ b/fs/nfs/pnfs_nfs.c
@@ -30,12 +30,11 @@ EXPORT_SYMBOL_GPL(pnfs_generic_rw_release);
/* Fake up some data that will cause nfs_commit_release to retry the writes. */
void pnfs_generic_prepare_to_resend_writes(struct nfs_commit_data *data)
{
- struct nfs_page *first = nfs_list_entry(data->pages.next);
+ struct nfs_writeverf *verf = data->res.verf;
data->task.tk_status = 0;
- memcpy(&data->verf.verifier, &first->wb_verf,
- sizeof(data->verf.verifier));
- data->verf.verifier.data[0]++; /* ensure verifier mismatch */
+ memset(&verf->verifier, 0, sizeof(verf->verifier));
+ verf->committed = NFS_UNSTABLE;
}
EXPORT_SYMBOL_GPL(pnfs_generic_prepare_to_resend_writes);
diff --git a/fs/nfs/write.c b/fs/nfs/write.c
index e8152781814dd..ce1da8cbac003 100644
--- a/fs/nfs/write.c
+++ b/fs/nfs/write.c
@@ -1814,6 +1814,7 @@ static void nfs_commit_done(struct rpc_task *task, void *calldata)
static void nfs_commit_release_pages(struct nfs_commit_data *data)
{
+ const struct nfs_writeverf *verf = data->res.verf;
struct nfs_page *req;
int status = data->task.tk_status;
struct nfs_commit_info cinfo;
@@ -1840,7 +1841,8 @@ static void nfs_commit_release_pages(struct nfs_commit_data *data)
/* Okay, COMMIT succeeded, apparently. Check the verifier
* returned by the server against all stored verfs. */
- if (!nfs_write_verifier_cmp(&req->wb_verf, &data->verf.verifier)) {
+ if (verf->committed > NFS_UNSTABLE &&
+ !nfs_write_verifier_cmp(&req->wb_verf, &verf->verifier)) {
/* We have a match */
if (req->wb_page)
nfs_inode_remove_request(req);
--
2.20.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH AUTOSEL 4.19 247/252] NFS: Fix memory leaks
[not found] <20200214161147.15842-1-sashal@kernel.org>
` (3 preceding siblings ...)
2020-02-14 16:10 ` [PATCH AUTOSEL 4.19 176/252] NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes() Sasha Levin
@ 2020-02-14 16:11 ` Sasha Levin
2020-02-14 16:11 ` [PATCH AUTOSEL 4.19 248/252] NFSv4: try lease recovery on NFS4ERR_EXPIRED Sasha Levin
5 siblings, 0 replies; 6+ messages in thread
From: Sasha Levin @ 2020-02-14 16:11 UTC (permalink / raw)
To: linux-kernel, stable; +Cc: Wenwen Wang, Anna Schumaker, Sasha Levin, linux-nfs
From: Wenwen Wang <wenwen@cs.uga.edu>
[ Upstream commit 123c23c6a7b7ecd2a3d6060bea1d94019f71fd66 ]
In _nfs42_proc_copy(), 'res->commit_res.verf' is allocated through
kzalloc() if 'args->sync' is true. In the following code, if
'res->synchronous' is false, handle_async_copy() will be invoked. If an
error occurs during the invocation, the following code will not be executed
and the error will be returned . However, the allocated
'res->commit_res.verf' is not deallocated, leading to a memory leak. This
is also true if the invocation of process_copy_commit() returns an error.
To fix the above leaks, redirect the execution to the 'out' label if an
error is encountered.
Signed-off-by: Wenwen Wang <wenwen@cs.uga.edu>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
fs/nfs/nfs42proc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/nfs/nfs42proc.c b/fs/nfs/nfs42proc.c
index 94f98e190e632..526441de89c1d 100644
--- a/fs/nfs/nfs42proc.c
+++ b/fs/nfs/nfs42proc.c
@@ -283,14 +283,14 @@ static ssize_t _nfs42_proc_copy(struct file *src,
status = handle_async_copy(res, server, src, dst,
&args->src_stateid);
if (status)
- return status;
+ goto out;
}
if ((!res->synchronous || !args->sync) &&
res->write_res.verifier.committed != NFS_FILE_SYNC) {
status = process_copy_commit(dst, pos_dst, res);
if (status)
- return status;
+ goto out;
}
truncate_pagecache_range(dst_inode, pos_dst,
--
2.20.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH AUTOSEL 4.19 248/252] NFSv4: try lease recovery on NFS4ERR_EXPIRED
[not found] <20200214161147.15842-1-sashal@kernel.org>
` (4 preceding siblings ...)
2020-02-14 16:11 ` [PATCH AUTOSEL 4.19 247/252] NFS: Fix memory leaks Sasha Levin
@ 2020-02-14 16:11 ` Sasha Levin
5 siblings, 0 replies; 6+ messages in thread
From: Sasha Levin @ 2020-02-14 16:11 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Robert Milkowski, Trond Myklebust, Anna Schumaker, Sasha Levin,
linux-nfs
From: Robert Milkowski <rmilkowski@gmail.com>
[ Upstream commit 924491f2e476f7234d722b24171a4daff61bbe13 ]
Currently, if an nfs server returns NFS4ERR_EXPIRED to open(),
we return EIO to applications without even trying to recover.
Fixes: 272289a3df72 ("NFSv4: nfs4_do_handle_exception() handle revoke/expiry of a single stateid")
Signed-off-by: Robert Milkowski <rmilkowski@gmail.com>
Reviewed-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
fs/nfs/nfs4proc.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index 7834b325394fc..fad795041d324 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -3089,6 +3089,11 @@ static struct nfs4_state *nfs4_do_open(struct inode *dir,
exception.retry = 1;
continue;
}
+ if (status == -NFS4ERR_EXPIRED) {
+ nfs4_schedule_lease_recovery(server->nfs_client);
+ exception.retry = 1;
+ continue;
+ }
if (status == -EAGAIN) {
/* We must have found a delegation */
exception.retry = 1;
--
2.20.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
end of thread, other threads:[~2020-02-14 17:14 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <20200214161147.15842-1-sashal@kernel.org>
2020-02-14 16:07 ` [PATCH AUTOSEL 4.19 003/252] nfsd4: avoid NULL deference on strange COPY compounds Sasha Levin
2020-02-14 16:08 ` [PATCH AUTOSEL 4.19 031/252] nfs: NFS_SWAP should depend on SWAP Sasha Levin
2020-02-14 16:10 ` [PATCH AUTOSEL 4.19 175/252] NFS: Revalidate the file size on a fatal write error Sasha Levin
2020-02-14 16:10 ` [PATCH AUTOSEL 4.19 176/252] NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes() Sasha Levin
2020-02-14 16:11 ` [PATCH AUTOSEL 4.19 247/252] NFS: Fix memory leaks Sasha Levin
2020-02-14 16:11 ` [PATCH AUTOSEL 4.19 248/252] NFSv4: try lease recovery on NFS4ERR_EXPIRED Sasha Levin
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).