| 1 |
From 972f8bb83a83f1d7c40353430af15a50e477bd4d Mon Sep 17 00:00:00 2001 |
| 2 |
From: Sasha Levin <sashal@kernel.org> |
| 3 |
Date: Thu, 18 Aug 2022 15:07:05 -0400 |
| 4 |
Subject: NFSv4.2 fix problems with __nfs42_ssc_open |
| 5 |
|
| 6 |
From: Olga Kornievskaia <kolga@netapp.com> |
| 7 |
|
| 8 |
[ Upstream commit fcfc8be1e9cf2f12b50dce8b579b3ae54443a014 ] |
| 9 |
|
| 10 |
A destination server while doing a COPY shouldn't accept using the |
| 11 |
passed in filehandle if its not a regular filehandle. |
| 12 |
|
| 13 |
If alloc_file_pseudo() has failed, we need to decrement a reference |
| 14 |
on the newly created inode, otherwise it leaks. |
| 15 |
|
| 16 |
Reported-by: Al Viro <viro@zeniv.linux.org.uk> |
| 17 |
Fixes: ec4b092508982 ("NFS: inter ssc open") |
| 18 |
Signed-off-by: Olga Kornievskaia <kolga@netapp.com> |
| 19 |
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com> |
| 20 |
Signed-off-by: Sasha Levin <sashal@kernel.org> |
| 21 |
--- |
| 22 |
fs/nfs/nfs4file.c | 6 ++++++ |
| 23 |
1 file changed, 6 insertions(+) |
| 24 |
|
| 25 |
diff --git a/fs/nfs/nfs4file.c b/fs/nfs/nfs4file.c |
| 26 |
index e88f6b18445ec..9eb1812878795 100644 |
| 27 |
--- a/fs/nfs/nfs4file.c |
| 28 |
+++ b/fs/nfs/nfs4file.c |
| 29 |
@@ -340,6 +340,11 @@ static struct file *__nfs42_ssc_open(struct vfsmount *ss_mnt, |
| 30 |
goto out; |
| 31 |
} |
| 32 |
|
| 33 |
+ if (!S_ISREG(fattr->mode)) { |
| 34 |
+ res = ERR_PTR(-EBADF); |
| 35 |
+ goto out; |
| 36 |
+ } |
| 37 |
+ |
| 38 |
res = ERR_PTR(-ENOMEM); |
| 39 |
len = strlen(SSC_READ_NAME_BODY) + 16; |
| 40 |
read_name = kzalloc(len, GFP_KERNEL); |
| 41 |
@@ -357,6 +362,7 @@ static struct file *__nfs42_ssc_open(struct vfsmount *ss_mnt, |
| 42 |
r_ino->i_fop); |
| 43 |
if (IS_ERR(filep)) { |
| 44 |
res = ERR_CAST(filep); |
| 45 |
+ iput(r_ino); |
| 46 |
goto out_free_name; |
| 47 |
} |
| 48 |
|
| 49 |
-- |
| 50 |
2.35.1 |
| 51 |
|
Parent Directory
| 
Revision Log