[PATCH] NFS: Fix access on first execute of uncached file

linux-nfs.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Weston Andros Adamson <dros@netapp.com>
To: Trond.Myklebust@netapp.com
Cc: linux-nfs@vger.kernel.org, Weston Andros Adamson <dros@netapp.com>
Subject: [PATCH] NFS: Fix access on first execute of uncached file
Date: Tue, 28 Aug 2012 14:26:26 -0400	[thread overview]
Message-ID: <1346178386-7345-1-git-send-email-dros@netapp.com> (raw)

The client currently fails to execute a file that is executable but not
readable -- but only on the first reference of that file.
If the file has been referenced and has a inode linked into the namei cache,
everything works as expected:

simple script:

 $ sudo mount -o v4 zero:/export /mnt
 $ ls -l /mnt/test.sh
 --wx-wx--x 1 dros dros 26 Aug 28  2012 /mnt/test.sh
 $ cat /mnt/test.sh
 #!/bin/sh

 echo "success"
 $ sudo umount /mnt

first access makes execute fail, subsequent accesses succeed:

 $ sudo mount -o v4 zero:/export /mnt
 $ /mnt/test.sh
 -bash: /mnt/test.sh: /bin/sh: bad interpreter: Permission denied
 $ /mnt/test.sh
 success
 $ sudo umount /mnt

On the wire, the first execute calls ACCESS with the mask MAY_EXEC|MAY_READ,
while subsequent calls use just MAY_EXEC.

Any reference to the file inode before the first execute will result in
expected behavior:

 $ sudo mount -o v4 zero:/export /mnt
 $ ls -l /mnt/test.sh
 --wx-wx--x 1 dros dros 26 Aug 28 11:52 /mnt/test.sh
 $ /mnt/test.sh
 success

Only OPENs as the first reference will use nfs_open_permission_mask() to
create the ACCESS mask.  If the file has an inode associated with it, it
will use nfs_permission which is passed the (correct) access bits from VFS
instead of mapping from an openmode.

Signed-off-by: Weston Andros Adamson <dros@netapp.com>
---

This patch is an RFC. I'm not sure if this is the correct way to fix the
issue and I'm open to suggestions!

Thanks!
 -dros

 fs/nfs/dir.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c
index 627f108..3fefdaf 100644
--- a/fs/nfs/dir.c
+++ b/fs/nfs/dir.c
@@ -2132,7 +2132,8 @@ static int nfs_open_permission_mask(int openflags)
 {
 	int mask = 0;

-	if ((openflags & O_ACCMODE) != O_WRONLY)
+	if (((openflags & O_ACCMODE) != O_WRONLY) &&
+	    !(openflags & __FMODE_EXEC))
 		mask |= MAY_READ;
 	if ((openflags & O_ACCMODE) != O_RDONLY)
 		mask |= MAY_WRITE;
-- 
1.7.9.6 (Apple Git-31.1)

                 reply	other threads:[~2012-08-28 18:26 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:627f108 dfblob:3fefdaf )
 OR (
bs:"[PATCH] NFS: Fix access on first execute of uncached file" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1346178386-7345-1-git-send-email-dros@netapp.com \
    --to=dros@netapp.com \
    --cc=Trond.Myklebust@netapp.com \
    --cc=linux-nfs@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).