From patchwork Sun Jul 24 20:21:50 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "J. Bruce Fields" X-Patchwork-Id: 9245035 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id AC19D60757 for ; Sun, 24 Jul 2016 20:21:55 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9A95925819 for ; Sun, 24 Jul 2016 20:21:55 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 8C81B262FF; Sun, 24 Jul 2016 20:21:55 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 0876B25819 for ; Sun, 24 Jul 2016 20:21:55 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752098AbcGXUVx (ORCPT ); Sun, 24 Jul 2016 16:21:53 -0400 Received: from fieldses.org ([173.255.197.46]:38628 "EHLO fieldses.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751973AbcGXUVx (ORCPT ); Sun, 24 Jul 2016 16:21:53 -0400 Received: by fieldses.org (Postfix, from userid 2815) id 07DC223D2; Sun, 24 Jul 2016 16:21:51 -0400 (EDT) Date: Sun, 24 Jul 2016 16:21:50 -0400 From: "J. Bruce Fields" To: Al Viro Cc: "J. Bruce Fields" , Oleg Drokin , Jeff Layton , linux-nfs@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH 3/7] nfsd: remove redundant i_lookup check Message-ID: <20160724202150.GA25100@fieldses.org> References: <1469209736-6490-1-git-send-email-bfields@redhat.com> <1469209736-6490-4-git-send-email-bfields@redhat.com> <20160724002152.GN2356@ZenIV.linux.org.uk> <20160724121014.GA20985@fieldses.org> <20160724142306.GO2356@ZenIV.linux.org.uk> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20160724142306.GO2356@ZenIV.linux.org.uk> User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP On Sun, Jul 24, 2016 at 03:23:07PM +0100, Al Viro wrote: > On Sun, Jul 24, 2016 at 08:10:14AM -0400, J. Bruce Fields wrote: > > On Sun, Jul 24, 2016 at 01:22:06AM +0100, Al Viro wrote: > > > On Fri, Jul 22, 2016 at 01:48:52PM -0400, J. Bruce Fields wrote: > > > > From: "J. Bruce Fields" > > > > > > > > I'm not sure why this was added. It doesn't seem necessary, and no > > > > other caller does this. > > > > > > lookup_one_len() will explode if you call it for non-directory (== > > > !d_can_lookup(), i.e. something without ->lookup()). So unless the callers > > > do guarantee that check being true, it *is* needed. > > > > Both callers call fh_verify(.,.,S_IFDIR,.), so at this point we know > > that i_mode & S_IFMT == S_IFDIR. Is there some odd case where that's > > insufficient? If so, I think there may be bugs elsewhere in nfsd. If > > not, I'll add a note to the changelog. > > First of all, such objects do exist; they probably won't be encountered by > nfsd and all instances I can think of are not writable, but... > > > Thanks for reminding me to check this, I hadn't thought of that as an > > "is this a directory" check, it makes more sense now. > > I'd have turned that into d_can_lookup(fhp->fh_dentry), actually. So would such a check mainly just protect developers from themselves if they try to make a weird filesystems exportable? If we need to catch this I'd rather do it in fh_verify, which would cover some other operations, too. Maybe like the below. We could be nicer and WARN()/error out instead of BUG. But it's unclear to me whether this case is worth checking for at all. --b. --- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/fs/nfsd/nfsfh.c b/fs/nfsd/nfsfh.c index 27250e279c37..372747a00214 100644 --- a/fs/nfsd/nfsfh.c +++ b/fs/nfsd/nfsfh.c @@ -59,14 +59,17 @@ static int nfsd_acceptable(void *expv, struct dentry *dentry) * the write call). */ static inline __be32 -nfsd_mode_check(struct svc_rqst *rqstp, umode_t mode, umode_t requested) +nfsd_mode_check(struct svc_rqst *rqstp, struct dentry *dentry, + umode_t requested) { - mode &= S_IFMT; + umode_t mode = d_inode(dentry)->i_mode & S_IFMT; if (requested == 0) /* the caller doesn't care */ return nfs_ok; - if (mode == requested) + if (mode == requested) { + BUG_ON(mode == S_IFDIR && !d_can_lookup(dentry)); return nfs_ok; + } /* * v4 has an error more specific than err_notdir which we should * return in preference to err_notdir: @@ -340,7 +343,7 @@ fh_verify(struct svc_rqst *rqstp, struct svc_fh *fhp, umode_t type, int access) if (error) goto out; - error = nfsd_mode_check(rqstp, d_inode(dentry)->i_mode, type); + error = nfsd_mode_check(rqstp, dentry, type); if (error) goto out;