forge/linux-pinenote
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

NFSv4.1: Fix a protocol issue with CLOSE stateids

Browse source 
According to RFC5661 Section 18.2.4, CLOSE is supposed to return
the zero stateid. This means that nfs_clear_open_stateid_locked()
cannot assume that the result stateid will always match the 'other'
field of the existing open stateid when trying to determine a race
with a parallel OPEN.

Instead, we look at the argument, and check for matches.

Cc: stable@vger.kernel.org # v4.0+
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
This commit is contained in:
Trond Myklebust 2015-08-30 18:37:59 -07:00
parent 90816d1dda
commit 4a1e2feb9d
1 changed files with 10 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

15
fs/nfs/nfs4proc.c
View file

@ -1231,6 +1231,7 @@ static void nfs_resync_open_stateid_locked(struct nfs4_state *state)
} }
static void nfs_clear_open_stateid_locked(struct nfs4_state *state, static void nfs_clear_open_stateid_locked(struct nfs4_state *state,
nfs4_stateid *arg_stateid,
nfs4_stateid *stateid, fmode_t fmode) nfs4_stateid *stateid, fmode_t fmode)
{ {
clear_bit(NFS_O_RDWR_STATE, &state->flags); clear_bit(NFS_O_RDWR_STATE, &state->flags);
@ -1249,8 +1250,9 @@ static void nfs_clear_open_stateid_locked(struct nfs4_state *state,
if (stateid == NULL) if (stateid == NULL)
return; return;
/* Handle races with OPEN */ /* Handle races with OPEN */
if (!nfs4_stateid_match_other(stateid, &state->open_stateid) || if (!nfs4_stateid_match_other(arg_stateid, &state->open_stateid) ||
!nfs4_stateid_is_newer(stateid, &state->open_stateid)) { (nfs4_stateid_match_other(stateid, &state->open_stateid) &&
!nfs4_stateid_is_newer(stateid, &state->open_stateid))) {
nfs_resync_open_stateid_locked(state); nfs_resync_open_stateid_locked(state);
return; return;
} }
@ -1259,10 +1261,12 @@ static void nfs_clear_open_stateid_locked(struct nfs4_state *state,
nfs4_stateid_copy(&state->open_stateid, stateid); nfs4_stateid_copy(&state->open_stateid, stateid);
} }
static void nfs_clear_open_stateid(struct nfs4_state *state, nfs4_stateid *stateid, fmode_t fmode) static void nfs_clear_open_stateid(struct nfs4_state *state,
nfs4_stateid *arg_stateid,
nfs4_stateid *stateid, fmode_t fmode)
{ {
write_seqlock(&state->seqlock); write_seqlock(&state->seqlock);
nfs_clear_open_stateid_locked(state, stateid, fmode); nfs_clear_open_stateid_locked(state, arg_stateid, stateid, fmode);
write_sequnlock(&state->seqlock); write_sequnlock(&state->seqlock);
if (test_bit(NFS_STATE_RECLAIM_NOGRACE, &state->flags)) if (test_bit(NFS_STATE_RECLAIM_NOGRACE, &state->flags))
nfs4_schedule_state_manager(state->owner->so_server->nfs_client); nfs4_schedule_state_manager(state->owner->so_server->nfs_client);
@ -2707,7 +2711,8 @@ static void nfs4_close_done(struct rpc_task *task, void *data)
goto out_release; goto out_release;
} }
} }
nfs_clear_open_stateid(state, res_stateid, calldata->arg.fmode); nfs_clear_open_stateid(state, &calldata->arg.stateid,
res_stateid, calldata->arg.fmode);
out_release: out_release:
nfs_release_seqid(calldata->arg.seqid); nfs_release_seqid(calldata->arg.seqid);
nfs_refresh_inode(calldata->inode, calldata->res.fattr); nfs_refresh_inode(calldata->inode, calldata->res.fattr);