diff options
author | Neil Brown <neilb@suse.de> | 2010-12-02 01:14:30 +0100 |
---|---|---|
committer | J. Bruce Fields <bfields@redhat.com> | 2010-12-08 17:44:04 +0100 |
commit | c1ac3ffcd0bc7e9617f62be8c7043d53ab84deac (patch) | |
tree | 174842d423f84a5a80cb0caed70815d174b516f9 /fs/nfsd/nfs3xdr.c | |
parent | sunrpc: prevent use-after-free on clearing XPT_BUSY (diff) | |
download | linux-c1ac3ffcd0bc7e9617f62be8c7043d53ab84deac.tar.xz linux-c1ac3ffcd0bc7e9617f62be8c7043d53ab84deac.zip |
nfsd: Fix possible BUG_ON firing in set_change_info
If vfs_getattr in fill_post_wcc returns an error, we don't
set fh_post_change.
For NFSv4, this can result in set_change_info triggering a BUG_ON.
i.e. fh_post_saved being zero isn't really a bug.
So:
- instead of BUGging when fh_post_saved is zero, just clear ->atomic.
- if vfs_getattr fails in fill_post_wcc, take a copy of i_ctime anyway.
This will be used i seg_change_info, but not overly trusted.
- While we are there, remove the pointless 'if' statements in set_change_info.
There is no harm setting all the values.
Signed-off-by: NeilBrown <neilb@suse.de>
Cc: stable@kernel.org
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Diffstat (limited to 'fs/nfsd/nfs3xdr.c')
-rw-r--r-- | fs/nfsd/nfs3xdr.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/fs/nfsd/nfs3xdr.c b/fs/nfsd/nfs3xdr.c index 2a533a0af2a9..7e84a852cdae 100644 --- a/fs/nfsd/nfs3xdr.c +++ b/fs/nfsd/nfs3xdr.c @@ -260,9 +260,11 @@ void fill_post_wcc(struct svc_fh *fhp) err = vfs_getattr(fhp->fh_export->ex_path.mnt, fhp->fh_dentry, &fhp->fh_post_attr); fhp->fh_post_change = fhp->fh_dentry->d_inode->i_version; - if (err) + if (err) { fhp->fh_post_saved = 0; - else + /* Grab the ctime anyway - set_change_info might use it */ + fhp->fh_post_attr.ctime = fhp->fh_dentry->d_inode->i_ctime; + } else fhp->fh_post_saved = 1; } |