mirrors/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2025-11-04 10:40:15 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

VFS: we need to set LOOKUP_JUMPED on mountpoint crossing

Browse source 
Mountpoint crossing is similar to following procfs symlinks - we do
not get ->d_revalidate() called for dentry we have arrived at, with
unpleasant consequences for NFS4.

Simple way to reproduce the problem in mainline:

    cat >/tmp/a.c <<'EOF'
    #include <unistd.h>
    #include <fcntl.h>
    #include <stdio.h>
    main()
    {
            struct flock fl = {.l_type = F_RDLCK, .l_whence = SEEK_SET, .l_len = 1};
            if (fcntl(0, F_SETLK, &fl))
                    perror("setlk");
    }
    EOF
    cc /tmp/a.c -o /tmp/test

then on nfs4:

    mount --bind file1 file2
    /tmp/test < file1		# ok
    /tmp/test < file2		# spews "setlk: No locks available"...

What happens is the missing call of ->d_revalidate() after mountpoint
crossing and that's where NFS4 would issue OPEN request to server.

The fix is simple - treat mountpoint crossing the same way we deal with
following procfs-style symlinks.  I.e.  set LOOKUP_JUMPED...

Cc: stable@kernel.org
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
Al Viro 2011-11-07 21:21:26 +00:00 committed by Linus Torvalds
parent 54a0f91301
commit a3fbbde70a
1 changed files with 15 additions and 1 deletions
repo.diff.show_diff_stats Download patch file Download diff file Expand all files Collapse all files

16
fs/namei.c
View file

@ -852,7 +852,7 @@ static int follow_managed(struct path *path, unsigned flags)
mntput(path->mnt); mntput(path->mnt);
if (ret == -EISDIR) if (ret == -EISDIR)
ret = 0; ret = 0;
return ret; return ret < 0 ? ret : need_mntput;
} }
int follow_down_one(struct path *path) int follow_down_one(struct path *path)
@ -900,6 +900,7 @@ static bool __follow_mount_rcu(struct nameidata *nd, struct path *path,
break; break;
path->mnt = mounted; path->mnt = mounted;
path->dentry = mounted->mnt_root; path->dentry = mounted->mnt_root;
nd->flags |= LOOKUP_JUMPED;
nd->seq = read_seqcount_begin(&path->dentry->d_seq); nd->seq = read_seqcount_begin(&path->dentry->d_seq);
/* /*
* Update the inode too. We don't need to re-check the * Update the inode too. We don't need to re-check the
@ -1213,6 +1214,8 @@ static int do_lookup(struct nameidata *nd, struct qstr *name,
path_put_conditional(path, nd); path_put_conditional(path, nd);
return err; return err;
} }
if (err)
nd->flags |= LOOKUP_JUMPED;
*inode = path->dentry->d_inode; *inode = path->dentry->d_inode;
return 0; return 0;
} }
@ -2146,6 +2149,10 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
} }
/* create side of things */ /* create side of things */
/*
* This will *only* deal with leaving RCU mode - LOOKUP_JUMPED has been
* cleared when we got to the last component we are about to look up
*/
error = complete_walk(nd); error = complete_walk(nd);
if (error) if (error)
return ERR_PTR(error); return ERR_PTR(error);
@ -2214,6 +2221,9 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
if (error < 0) if (error < 0)
goto exit_dput; goto exit_dput;
if (error)
nd->flags |= LOOKUP_JUMPED;
error = -ENOENT; error = -ENOENT;
if (!path->dentry->d_inode) if (!path->dentry->d_inode)
goto exit_dput; goto exit_dput;
@ -2223,6 +2233,10 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
path_to_nameidata(path, nd); path_to_nameidata(path, nd);
nd->inode = path->dentry->d_inode; nd->inode = path->dentry->d_inode;
/* Why this, you ask? _Now_ we might have grown LOOKUP_JUMPED... */
error = complete_walk(nd);
if (error)
goto exit;
error = -EISDIR; error = -EISDIR;
if (S_ISDIR(nd->inode->i_mode)) if (S_ISDIR(nd->inode->i_mode))
goto exit; goto exit;