Message ID | 1303301376.21523.7.camel@dhcp-1-119.fab.redhat.com (mailing list archive) |
---|---|
State | New, archived |
On Wed, Apr 20, 2011 at 01:09:35PM +0100, Sachin Prabhu wrote: > An open on a NFS4 share using the O_CREAT flag on an existing file for > which we have permissions to open but contained in a directory with no > write permissions will fail with EACCES. > > A tcpdump shows that the client had set the open mode to UNCHECKED which > indicates that the file should be created if it doesn't exist and > encountering an existing flag is not an error. Since in this case the > file exists and can be opened by the user, the NFS server is wrong in > attempting to check create permissions on the parent directory. > > The patch adds a conditional statement to check for create permissions > only if the file doesn't exist. That looks correct to me, thanks. It's a bad bug, but appears to be one we've lived with a long time, so I'm a bit up in the air whether to submit now for 2.6.39 or to queue up for 2.6.40. --b. > > Signed-off-by: Sachin S. Prabhu <sprabhu@redhat.com> > > diff -up linux-2.6/fs/nfsd/vfs.c.bz683372 linux-2.6/fs/nfsd/vfs.c > --- linux-2.6/fs/nfsd/vfs.c.bz683372 2011-04-20 13:03:54.021040329 +0100 > +++ linux-2.6/fs/nfsd/vfs.c 2011-04-20 13:05:21.551858218 +0100 > @@ -1363,7 +1363,7 @@ nfsd_create_v3(struct svc_rqst *rqstp, s > goto out; > if (!(iap->ia_valid & ATTR_MODE)) > iap->ia_mode = 0; > - err = fh_verify(rqstp, fhp, S_IFDIR, NFSD_MAY_CREATE); > + err = fh_verify(rqstp, fhp, S_IFDIR, NFSD_MAY_EXEC); > if (err) > goto out; 
> > @@ -1385,6 +1385,13 @@ nfsd_create_v3(struct svc_rqst *rqstp, s > if (IS_ERR(dchild)) > goto out_nfserr; > > + /* If file doesn't exist, check for permissions to create one */ > + if (!dchild->d_inode) { > + err = fh_verify(rqstp, fhp, S_IFDIR, NFSD_MAY_CREATE); > + if (err) > + goto out; > + } > + > err = fh_compose(resfhp, fhp->fh_export, dchild, fhp); > if (err) > goto out; > > > -- > To unsubscribe from this list: send the line "unsubscribe linux-nfs" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff -up linux-2.6/fs/nfsd/vfs.c.bz683372 linux-2.6/fs/nfsd/vfs.c --- linux-2.6/fs/nfsd/vfs.c.bz683372 2011-04-20 13:03:54.021040329 +0100 +++ linux-2.6/fs/nfsd/vfs.c 2011-04-20 13:05:21.551858218 +0100 @@ -1363,7 +1363,7 @@ nfsd_create_v3(struct svc_rqst *rqstp, s goto out; if (!(iap->ia_valid & ATTR_MODE)) iap->ia_mode = 0; - err = fh_verify(rqstp, fhp, S_IFDIR, NFSD_MAY_CREATE); + err = fh_verify(rqstp, fhp, S_IFDIR, NFSD_MAY_EXEC); if (err) goto out; @@ -1385,6 +1385,13 @@ nfsd_create_v3(struct svc_rqst *rqstp, s if (IS_ERR(dchild)) goto out_nfserr; + /* If file doesn't exist, check for permissions to create one */ + if (!dchild->d_inode) { + err = fh_verify(rqstp, fhp, S_IFDIR, NFSD_MAY_CREATE); + if (err) + goto out; + } + err = fh_compose(resfhp, fhp->fh_export, dchild, fhp); if (err) goto out;
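Review bot: The first hunk weakens the up-front fh_verify() on the parent directory from NFSD_MAY_CREATE to NFSD_MAY_EXEC without a comment saying why, so a later reader could take it for a regression and put the create check back. Add a short comment above the call stating that only search permission is needed for the lookup and that create permission is checked after the lookup when the file is absent. Please also confirm that nothing between this call and the new check at line 1385 relies on create permission having already been verified.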
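Review bot: In the second hunk the new `if (!dchild->d_inode)` test skips the NFSD_MAY_CREATE check for every request that reaches nfsd_create_v3() with an existing file, while the commit message argues only the UNCHECKED case. Please state in the changelog or in the comment that the other create modes handled by this function still return their intended error for an existing file once the directory check no longer fires first. The new failure path uses `goto out` after dchild has been looked up, the same as the fh_compose() error path just below it, so it would help to confirm that `out` releases dchild on both.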
An open on a NFS4 share using the O_CREAT flag on an existing file for which we have permissions to open but contained in a directory with no write permissions will fail with EACCES.

A tcpdump shows that the client had set the open mode to UNCHECKED which indicates that the file should be created if it doesn't exist and encountering an existing flag is not an error. Since in this case the file exists and can be opened by the user, the NFS server is wrong in attempting to check create permissions on the parent directory.

The patch adds a conditional statement to check for create permissions only if the file doesn't exist.

Signed-off-by: Sachin S. Prabhu <sprabhu@redhat.com>
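The failing case described in the commit message above, written as a userspace regression check; this is an added example, not part of the patch or the thread. The directory and file names are constructed, and the base path is assumed to be a directory the caller can write to (pass an NFSv4 mount point to exercise the server; a server with the bug reports EACCES for the existing file).

```c
/* Added example, not from the patch: userspace regression check. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Returns 0 if open(O_CREAT) succeeds on an existing file inside a 0555
 * directory created under `base`, else the errno of the failing call.
 * *new_errno receives the errno (0 on success) of an O_CREAT open of a
 * name that does not exist in that directory. Names are constructed. */
int check_ocreat_existing(const char *base, int *new_errno)
{
    char dir[4096], path[4200], missing[4200];
    int fd, result = 0;

    snprintf(dir, sizeof(dir), "%s/ro_dir.%ld", base, (long)getpid());
    snprintf(path, sizeof(path), "%s/existing", dir);
    snprintf(missing, sizeof(missing), "%s/missing", dir);
    *new_errno = 0;

    if (mkdir(dir, 0755) != 0)
        return errno;
    fd = open(path, O_CREAT | O_WRONLY, 0644);  /* create while writable */
    if (fd < 0) { result = errno; goto cleanup; }
    close(fd);
    if (chmod(dir, 0555) != 0) { result = errno; goto cleanup; }

    /* Case from the report: file exists, directory is not writable. */
    fd = open(path, O_CREAT | O_RDWR, 0644);
    if (fd < 0) result = errno; else close(fd);

    /* Contrast: name is absent, so directory create permission applies. */
    fd = open(missing, O_CREAT | O_RDWR, 0644);
    if (fd < 0) *new_errno = errno; else close(fd);

cleanup:
    chmod(dir, 0755);       /* restore write permission so cleanup works */
    unlink(path);
    unlink(missing);
    rmdir(dir);
    return result;
}

int main(int argc, char **argv)
{
    int new_errno;
    int rc = check_ocreat_existing(argc > 1 ? argv[1] : ".", &new_errno);
    printf("existing file: %d, new file: %d\n", rc, new_errno);
    return rc != 0;
}
```

When run as root the second open also succeeds, because root bypasses the directory permission check on a local filesystem.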