From df66e75395c839c3a373bae897dbb1248f741b45 Mon Sep 17 00:00:00 2001 From: Harshula Jayasuriya Date: Tue, 23 Jul 2013 14:05:14 +1000 Subject: nfsd: nfs4_file_get_access: need to be more careful with O_RDWR If fi_fds = {non-NULL, NULL, non-NULL} and oflag = O_WRONLY the WARN_ON_ONCE(!(fp->fi_fds[oflag] || fp->fi_fds[O_RDWR])) doesn't trigger when it should. Signed-off-by: Harshula Jayasuriya Signed-off-by: J. Bruce Fields --- fs/nfsd/nfs4state.c | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) (limited to 'fs/nfsd') diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c index 280acef6f0dc..1cb621131b00 100644 --- a/fs/nfsd/nfs4state.c +++ b/fs/nfsd/nfs4state.c @@ -282,19 +282,14 @@ static unsigned int file_hashval(struct inode *ino) static struct hlist_head file_hashtbl[FILE_HASH_SIZE]; -static void __nfs4_file_get_access(struct nfs4_file *fp, int oflag) -{ - WARN_ON_ONCE(!(fp->fi_fds[oflag] || fp->fi_fds[O_RDWR])); - atomic_inc(&fp->fi_access[oflag]); -} - static void nfs4_file_get_access(struct nfs4_file *fp, int oflag) { + WARN_ON_ONCE(!fp->fi_fds[oflag]); if (oflag == O_RDWR) { - __nfs4_file_get_access(fp, O_RDONLY); - __nfs4_file_get_access(fp, O_WRONLY); + atomic_inc(&fp->fi_access[O_RDONLY]); + atomic_inc(&fp->fi_access[O_WRONLY]); } else - __nfs4_file_get_access(fp, oflag); + atomic_inc(&fp->fi_access[oflag]); } static void nfs4_file_put_fd(struct nfs4_file *fp, int oflag) -- cgit v1.2.3 From b1948a641daefe8d128749f3d419ed24d529a8ed Mon Sep 17 00:00:00 2001 From: "J. Bruce Fields" Date: Fri, 26 Jul 2013 16:57:20 -0400 Subject: nfsd4: fix setlease error return This actually makes a difference in the 4.1 case, since we use the status to decide what reason to give the client for the delegation refusal (see nfsd4_open_deleg_none_ext), and in theory a client might choose suboptimal behavior if we give the wrong answer. Reported-by: Jeff Layton Signed-off-by: J. Bruce Fields --- fs/nfsd/nfs4state.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'fs/nfsd') diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c index 1cb621131b00..1852f5351b22 100644 --- a/fs/nfsd/nfs4state.c +++ b/fs/nfsd/nfs4state.c @@ -3028,7 +3028,7 @@ static int nfs4_setlease(struct nfs4_delegation *dp) if (status) { list_del_init(&dp->dl_perclnt); locks_free_lock(fl); - return -ENOMEM; + return status; } fp->fi_lease = fl; fp->fi_deleg_file = get_file(fl->fl_file); -- cgit v1.2.3 From 3477565e6a73da7bb50fce6ac718b31eddb37fbb Mon Sep 17 00:00:00 2001 From: "J. Bruce Fields" Date: Fri, 23 Aug 2013 17:55:18 -0400 Subject: Revert "nfsd: nfs4_file_get_access: need to be more careful with O_RDWR" This reverts commit df66e75395c839c3a373bae897dbb1248f741b45. nfsd4_lock can get a read-only or write-only reference when only a read-write open is available. This is normal. Cc: Harshula Jayasuriya Signed-off-by: J. Bruce Fields --- fs/nfsd/nfs4state.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) (limited to 'fs/nfsd') diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c index 5e609b17ada4..eb9cf818002a 100644 --- a/fs/nfsd/nfs4state.c +++ b/fs/nfsd/nfs4state.c @@ -282,14 +282,19 @@ static unsigned int file_hashval(struct inode *ino) static struct hlist_head file_hashtbl[FILE_HASH_SIZE]; +static void __nfs4_file_get_access(struct nfs4_file *fp, int oflag) +{ + WARN_ON_ONCE(!(fp->fi_fds[oflag] || fp->fi_fds[O_RDWR])); + atomic_inc(&fp->fi_access[oflag]); +} + static void nfs4_file_get_access(struct nfs4_file *fp, int oflag) { - WARN_ON_ONCE(!fp->fi_fds[oflag]); if (oflag == O_RDWR) { - atomic_inc(&fp->fi_access[O_RDONLY]); - atomic_inc(&fp->fi_access[O_WRONLY]); + __nfs4_file_get_access(fp, O_RDONLY); + __nfs4_file_get_access(fp, O_WRONLY); } else - atomic_inc(&fp->fi_access[oflag]); + __nfs4_file_get_access(fp, oflag); } static void nfs4_file_put_fd(struct nfs4_file *fp, int oflag) -- cgit v1.2.3 From bf7bd3e98be5c74813bee6ad496139fb0a011b3b Mon Sep 17 00:00:00 2001 From: "J. Bruce Fields" Date: Thu, 15 Aug 2013 16:55:26 -0400 Subject: nfsd4: fix leak of inode reference on delegation failure MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This fixes a regression from 68a3396178e6688ad7367202cdf0af8ed03c8727 "nfsd4: shut down more of delegation earlier". After that commit, nfs4_set_delegation() failures result in nfs4_put_delegation being called, but nfs4_put_delegation doesn't free the nfs4_file that has already been set by alloc_init_deleg(). This can result in an oops on later unmounting the exported filesystem. Note also delaying the fi_had_conflict check we're able to return a better error (hence give 4.1 clients a better idea why the delegation failed; though note CONFLICT isn't an exact match here, as that's supposed to indicate a current conflict, but all we know here is that there was one recently). Reported-by: Toralf Förster Tested-by: Toralf Förster Signed-off-by: J. Bruce Fields --- fs/nfsd/nfs4state.c | 31 ++++++++++++++++++++----------- 1 file changed, 20 insertions(+), 11 deletions(-) (limited to 'fs/nfsd') diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c index eb9cf818002a..0874998a49cd 100644 --- a/fs/nfsd/nfs4state.c +++ b/fs/nfsd/nfs4state.c @@ -368,11 +368,8 @@ static struct nfs4_delegation * alloc_init_deleg(struct nfs4_client *clp, struct nfs4_ol_stateid *stp, struct svc_fh *current_fh) { struct nfs4_delegation *dp; - struct nfs4_file *fp = stp->st_file; dprintk("NFSD alloc_init_deleg\n"); - if (fp->fi_had_conflict) - return NULL; if (num_delegations > max_delegations) return NULL; dp = delegstateid(nfs4_alloc_stid(clp, deleg_slab)); @@ -389,8 +386,7 @@ alloc_init_deleg(struct nfs4_client *clp, struct nfs4_ol_stateid *stp, struct sv INIT_LIST_HEAD(&dp->dl_perfile); INIT_LIST_HEAD(&dp->dl_perclnt); INIT_LIST_HEAD(&dp->dl_recall_lru); - get_nfs4_file(fp); - dp->dl_file = fp; + dp->dl_file = NULL; dp->dl_type = NFS4_OPEN_DELEGATE_READ; fh_copy_shallow(&dp->dl_fh, ¤t_fh->fh_handle); dp->dl_time = 0; @@ -3044,22 +3040,35 @@ static int nfs4_setlease(struct nfs4_delegation *dp) return 0; } -static int nfs4_set_delegation(struct nfs4_delegation *dp) +static int nfs4_set_delegation(struct nfs4_delegation *dp, struct nfs4_file *fp) { - struct nfs4_file *fp = dp->dl_file; + int status; - if (!fp->fi_lease) - return nfs4_setlease(dp); + if (fp->fi_had_conflict) + return -EAGAIN; + get_nfs4_file(fp); + dp->dl_file = fp; + if (!fp->fi_lease) { + status = nfs4_setlease(dp); + if (status) + goto out_free; + return 0; + } spin_lock(&recall_lock); if (fp->fi_had_conflict) { spin_unlock(&recall_lock); - return -EAGAIN; + status = -EAGAIN; + goto out_free; } atomic_inc(&fp->fi_delegees); list_add(&dp->dl_perfile, &fp->fi_delegations); spin_unlock(&recall_lock); list_add(&dp->dl_perclnt, &dp->dl_stid.sc_client->cl_delegations); return 0; +out_free: + put_nfs4_file(fp); + dp->dl_file = fp; + return status; } static void nfsd4_open_deleg_none_ext(struct nfsd4_open *open, int status) @@ -3134,7 +3143,7 @@ nfs4_open_delegation(struct net *net, struct svc_fh *fh, dp = alloc_init_deleg(oo->oo_owner.so_client, stp, fh); if (dp == NULL) goto out_no_deleg; - status = nfs4_set_delegation(dp); + status = nfs4_set_delegation(dp, stp->st_file); if (status) goto out_free; -- cgit v1.2.3 From 248f807b479145194a83c5270440b3f51c1836d7 Mon Sep 17 00:00:00 2001 From: "J. Bruce Fields" Date: Wed, 28 Aug 2013 08:49:45 -0400 Subject: nfsd4: nfsd4_create_clid_dir prints uninitialized data Take the easy way out and just remove the printk. Reported-by: David Howells --- fs/nfsd/nfs4recover.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'fs/nfsd') diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c index 105a3b080d12..e0a65a9e37e9 100644 --- a/fs/nfsd/nfs4recover.c +++ b/fs/nfsd/nfs4recover.c @@ -173,8 +173,6 @@ nfsd4_create_clid_dir(struct nfs4_client *clp) int status; struct nfsd_net *nn = net_generic(clp->net, nfsd_net_id); - dprintk("NFSD: nfsd4_create_clid_dir for \"%s\"\n", dname); - if (test_and_set_bit(NFSD4_CLIENT_STABLE, &clp->cl_flags)) return; if (!nn->rec_file) -- cgit v1.2.3