From: Andi Kleen <andi@firstfloor.org>
To: sprabhu@redhat.com, bfields@redhat.com, gregkh@suse.de,
ak@linux.intel.com, linux-kernel@vger.kernel.org,
stable@kernel.org, tim.bird@am.sony.com,
linux-kernel@vger.kernel.org, stable@vger.kernel.org
Subject: [PATCH] [28/98] Open with O_CREAT flag set fails to open existing files on non writable directories
Date: Tue, 26 Jul 2011 17:35:20 -0700 (PDT) [thread overview]
Message-ID: <20110727003520.761392403FF@tassilo.jf.intel.com> (raw)
In-Reply-To: <20110726534.972201586@firstfloor.org>
2.6.35-longterm review patch. If anyone has any objections, please let me know.
------------------
From: Sachin Prabhu <sprabhu@redhat.com>
commit 1574dff8996ab1ed92c09012f8038b5566fce313 upstream.
An open on a NFS4 share using the O_CREAT flag on an existing file for
which we have permissions to open but contained in a directory with no
write permissions will fail with EACCES.
A tcpdump shows that the client had set the open mode to UNCHECKED which
indicates that the file should be created if it doesn't exist and
encountering an existing flag is not an error. Since in this case the
file exists and can be opened by the user, the NFS server is wrong in
attempting to check create permissions on the parent directory.
The patch adds a conditional statement to check for create permissions
only if the file doesn't exist.
Signed-off-by: Sachin S. Prabhu <sprabhu@redhat.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Andi Kleen <ak@linux.intel.com>
---
fs/nfsd/vfs.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
Index: linux-2.6.35.y/fs/nfsd/vfs.c
===================================================================
--- linux-2.6.35.y.orig/fs/nfsd/vfs.c
+++ linux-2.6.35.y/fs/nfsd/vfs.c
@@ -1386,7 +1386,7 @@ nfsd_create_v3(struct svc_rqst *rqstp, s
goto out;
if (!(iap->ia_valid & ATTR_MODE))
iap->ia_mode = 0;
- err = fh_verify(rqstp, fhp, S_IFDIR, NFSD_MAY_CREATE);
+ err = fh_verify(rqstp, fhp, S_IFDIR, NFSD_MAY_EXEC);
if (err)
goto out;
@@ -1408,6 +1408,13 @@ nfsd_create_v3(struct svc_rqst *rqstp, s
if (IS_ERR(dchild))
goto out_nfserr;
+ /* If file doesn't exist, check for permissions to create one */
+ if (!dchild->d_inode) {
+ err = fh_verify(rqstp, fhp, S_IFDIR, NFSD_MAY_CREATE);
+ if (err)
+ goto out;
+ }
+
err = fh_compose(resfhp, fhp->fh_export, dchild, fhp);
if (err)
goto out;
next prev parent reply other threads:[~2011-07-27 0:38 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-07-27 0:34 [PATCH] [0/98] 2.6.35.14 longterm review Andi Kleen
2011-07-27 0:34 ` [PATCH] [1/98] kbuild: Disable -Wunused-but-set-variable for gcc 4.6.0 Andi Kleen
2011-07-27 0:34 ` [PATCH] [2/98] kbuild: Fix passing -Wno-* options to gcc 4.4+ Andi Kleen
2011-07-27 0:34 ` [PATCH] [3/98] Add Andi Kleen as 2.6.35 longterm maintainer Andi Kleen
2011-07-27 0:34 ` [PATCH] [4/98] Remove the old V4L1 v4lgrab.c file Andi Kleen
2011-07-27 0:34 ` [PATCH] [5/98] agp: fix arbitrary kernel memory writes Andi Kleen
2011-07-27 0:34 ` [PATCH] [6/98] agp: fix OOM and buffer overflow Andi Kleen
2011-07-27 0:34 ` [PATCH] [7/98] i8k: Tell gcc that *regs gets clobbered Andi Kleen
2011-07-27 0:35 ` [PATCH] [8/98] Fix gcc 4.5.1 miscompiling drivers/char/i8k.c (again) Andi Kleen
2011-07-27 0:35 ` [PATCH] [9/98] USB: serial/usb_wwan, fix tty NULL dereference Andi Kleen
2011-07-27 0:35 ` [PATCH] [10/98] ipv6: add special mode accept_ra=2 to accept RA while configured as router Andi Kleen
2011-07-27 17:41 ` Stephen Clark
2011-07-27 20:11 ` Andi Kleen
2011-07-27 0:35 ` [PATCH] [11/98] mpt2sas: prevent heap overflows and unchecked reads Andi Kleen
2011-07-27 0:35 ` [PATCH] [12/98] slub: fix panic with DISCONTIGMEM Andi Kleen
2011-07-27 21:47 ` David Rientjes
2011-07-27 21:55 ` Andi Kleen
2011-07-27 0:35 ` [PATCH] [13/98] set memory ranges in N_NORMAL_MEMORY when onlined Andi Kleen
2011-07-27 0:35 ` [PATCH] [14/98] FLEXCOP-PCI: fix __xlate_proc_name-warning for flexcop-pci Andi Kleen
2011-07-27 0:35 ` [PATCH] [15/98] m68k/mm: Set all online nodes in N_NORMAL_MEMORY Andi Kleen
2011-07-27 0:35 ` [PATCH] [16/98] nfs: don't lose MS_SYNCHRONOUS on remount of noac mount Andi Kleen
2011-07-27 0:35 ` [PATCH] [17/98] NFSv4.1: Ensure state manager thread dies on last umount Andi Kleen
2011-07-27 0:35 ` [PATCH] [18/98] Input: xen-kbdfront - fix mouse getting stuck after save/restore Andi Kleen
2011-07-27 0:35 ` [PATCH] [19/98] pmcraid: reject negative request size Andi Kleen
2011-07-27 0:35 ` [PATCH] [20/98] put stricter guards on queue dead checks Andi Kleen
2011-07-27 0:35 ` [PATCH] [21/98] mmc: sdhci-pci: Fix error case in sdhci_pci_probe_slot() Andi Kleen
2011-07-27 0:35 ` [PATCH] [22/98] mmc: sdhci: Check mrq->cmd in sdhci_tasklet_finish Andi Kleen
2011-07-27 0:35 ` [PATCH] [23/98] mmc: sdhci: Check mrq != NULL " Andi Kleen
2011-07-27 0:35 ` [PATCH] [24/98] USB: fix regression in usbip by setting has_tt flag Andi Kleen
2011-07-27 0:35 ` [PATCH] [25/98] x86, AMD: Fix APIC timer erratum 400 affecting K8 Rev.A-E processors Andi Kleen
2011-07-27 12:38 ` Boris Ostrovsky
2011-07-27 15:42 ` Andi Kleen
2011-07-27 16:06 ` Boris Ostrovsky
2011-07-27 20:13 ` Andi Kleen
2011-07-27 0:35 ` [PATCH] [26/98] af_unix: Only allow recv on connected seqpacket sockets Andi Kleen
2011-07-27 15:58 ` [stable] " Tim Gardner
2011-07-27 16:02 ` Andi Kleen
2011-07-27 19:23 ` Eric W. Biederman
2011-08-01 20:08 ` Andi Kleen
2011-08-01 20:43 ` Tim Gardner
2011-07-27 0:35 ` [PATCH] [27/98] ARM: 6891/1: prevent heap corruption in OABI semtimedop Andi Kleen
2011-07-27 0:35 ` Andi Kleen [this message]
2011-07-27 0:35 ` [PATCH] [29/98] can: Add missing socket check in can/bcm release Andi Kleen
2011-07-27 0:35 ` [PATCH] [30/98] fs/partitions/ldm.c: fix oops caused by corrupted partition table Andi Kleen
2011-07-27 0:35 ` [PATCH] [31/98] Input: elantech - discard the first 2 positions on some firmwares Andi Kleen
2011-07-27 0:35 ` [PATCH] [32/98] Staging: rtl8192su: Clean up in case of an error in module initialisation Andi Kleen
2011-07-27 0:35 ` [PATCH] [33/98] Staging: rtl8192su: Fix procfs code for interfaces not named wlan0 Andi Kleen
2011-07-27 0:35 ` [PATCH] [34/98] USB: teach "devices" file about Wireless and SuperSpeed USB Andi Kleen
2011-07-27 0:35 ` [PATCH] [35/98] SUNRPC: fix NFS client over TCP hangs due to packet loss (Bug 16494) Andi Kleen
2011-07-27 0:35 ` [PATCH] [36/98] nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab (v3) Andi Kleen
2011-07-27 0:35 ` [PATCH] [37/98] nfs: fix compilation warning Andi Kleen
2011-07-27 0:35 ` [PATCH] [38/98] Fix corrupted OSF partition table parsing Andi Kleen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110727003520.761392403FF@tassilo.jf.intel.com \
--to=andi@firstfloor.org \
--cc=ak@linux.intel.com \
--cc=bfields@redhat.com \
--cc=gregkh@suse.de \
--cc=linux-kernel@vger.kernel.org \
--cc=sprabhu@redhat.com \
--cc=stable@kernel.org \
--cc=stable@vger.kernel.org \
--cc=tim.bird@am.sony.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).