From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linuxfoundation.org ([140.211.169.12]:47874 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752403AbdFLMuC (ORCPT ); Mon, 12 Jun 2017 08:50:02 -0400 Subject: Patch "NFSv4: Don't perform cached access checks before we've OPENed the file" has been added to the 4.4-stable tree To: trond.myklebust@primarydata.com, buczek@molgen.mpg.de, gregkh@linuxfoundation.org, pmenzel@molgen.mpg.de, viro@zeniv.linux.org.uk Cc: , From: Date: Mon, 12 Jun 2017 14:49:53 +0200 Message-ID: <14972717935496@kroah.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ANSI_X3.4-1968 Content-Transfer-Encoding: 8bit Sender: stable-owner@vger.kernel.org List-ID: This is a note to let you know that I've just added the patch titled NFSv4: Don't perform cached access checks before we've OPENed the file to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: nfsv4-don-t-perform-cached-access-checks-before-we-ve-opened-the-file.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >>From 762674f86d0328d5dc923c966e209e1ee59663f2 Mon Sep 17 00:00:00 2001 From: Trond Myklebust Date: Sat, 26 Dec 2015 21:54:58 -0500 Subject: NFSv4: Don't perform cached access checks before we've OPENed the file From: Trond Myklebust commit 762674f86d0328d5dc923c966e209e1ee59663f2 upstream. Donald Buczek reports that a nfs4 client incorrectly denies execute access based on outdated file mode (missing 'x' bit). After the mode on the server is 'fixed' (chmod +x) further execution attempts continue to fail, because the nfs ACCESS call updates the access parameter but not the mode parameter or the mode in the inode. The root cause is ultimately that the VFS is calling may_open() before the NFS client has a chance to OPEN the file and hence revalidate the access and attribute caches. Al Viro suggests: >>> Make nfs_permission() relax the checks when it sees MAY_OPEN, if you know >>> that things will be caught by server anyway? >> >> That can work as long as we're guaranteed that everything that calls >> inode_permission() with MAY_OPEN on a regular file will also follow up >> with a vfs_open() or dentry_open() on success. Is this always the >> case? > > 1) in do_tmpfile(), followed by do_dentry_open() (not reachable by NFS since > it doesn't have ->tmpfile() instance anyway) > > 2) in atomic_open(), after the call of ->atomic_open() has succeeded. > > 3) in do_last(), followed on success by vfs_open() > > That's all. All calls of inode_permission() that get MAY_OPEN come from > may_open(), and there's no other callers of that puppy. Reported-by: Donald Buczek Link: https://bugzilla.kernel.org/show_bug.cgi?id=109771 Link: http://lkml.kernel.org/r/1451046656-26319-1-git-send-email-buczek@molgen.mpg.de Cc: Al Viro Signed-off-by: Trond Myklebust Signed-off-by: Paul Menzel Signed-off-by: Greg Kroah-Hartman --- fs/nfs/dir.c | 3 +++ 1 file changed, 3 insertions(+) --- a/fs/nfs/dir.c +++ b/fs/nfs/dir.c @@ -2452,6 +2452,9 @@ int nfs_permission(struct inode *inode, case S_IFLNK: goto out; case S_IFREG: + if ((mask & MAY_OPEN) && + nfs_server_capable(inode, NFS_CAP_ATOMIC_OPEN)) + return 0; break; case S_IFDIR: /* Patches currently in stable-queue which might be from trond.myklebust@primarydata.com are queue-4.4/nfsd-fix-up-the-supattr_exclcreat-attributes.patch queue-4.4/nfsv4-don-t-perform-cached-access-checks-before-we-ve-opened-the-file.patch queue-4.4/nfs-ensure-we-revalidate-attributes-before-using-execute_ok.patch