On Fri, Aug 19, 2022 at 11:42 AM <dai.ngo@xxxxxxxxxx> wrote:
>
>
> On 8/19/22 7:22 AM, Olga Kornievskaia wrote:
> > On Thu, Aug 18, 2022 at 10:52 PM <dai.ngo@xxxxxxxxxx> wrote:
> >>
> >> On 8/18/22 6:13 AM, Olga Kornievskaia wrote:
> >>> On Thu, Aug 18, 2022 at 1:52 AM Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
> >>>> On Thu, Aug 18, 2022 at 08:19:54AM +0300, Amir Goldstein wrote:
> >>>>
> >>>>> NFS spec does not guarantee the safety of the server.
> >>>>> It's like saying that the Law makes Crime impossible.
> >>>>> The law needs to be enforced, so if server gets a request
> >>>>> to COPY from/to an fhandle that resolves as a non-regular file
> >>>>> (from a rogue or buggy NFS client) the server should return an
> >>>>> error and not continue to alloc_file_pseudo().
> >>>> FWIW, my preference would be to have alloc_file_pseudo() reject
> >>>> directory inodes if it ever gets such.
> >>>>
> >>>> I'm still not sure that my (and yours, apparently) interpretation
> >>>> of what Olga said is correct, though.
> >>> Would it be appropriate to do the following then:
> >>>
> >>> diff --git a/fs/nfs/nfs4file.c b/fs/nfs/nfs4file.c
> >>> index e88f6b18445e..112134b6438d 100644
> >>> --- a/fs/nfs/nfs4file.c
> >>> +++ b/fs/nfs/nfs4file.c
> >>> @@ -340,6 +340,11 @@ static struct file *__nfs42_ssc_open(struct
> >>> vfsmount *ss_mnt,
> >>> goto out;
> >>> }
> >>>
> >>> + if (S_ISDIR(fattr->mode)) {
> >>> + res = ERR_PTR(-EBADF);
> >>> + goto out;
> >>> + }
> >>> +
> >> Can we also enhance nfsd4_do_async_copy to check for
> >> -EBADF and returns nfserr_wrong_type? perhaps adding
> >> an error mapping function to handle other errors also.
> > On the server side, if the open fails that's already translated into
> > the appropriate error -- err_off_load_denied.
>
> Currently the server returns nfserr_offload_denied if the open
> fails for any reasons. I'm wondering whether the server should
> return more accurate error code such as if the source file handle
> is a wrong type then the server should return nfserr_wrong_type,
> instead of nfserr_offload_denied, to match the spec:
>
> Both SAVED_FH and CURRENT_FH must be regular files. If either
> SAVED_FH or CURRENT_FH is not a regular file, the operation MUST fail
> and return NFS4ERR_WRONG_TYPE.
Ok sure. That's a relevant but a separate patch.
>
> -Dai
>
> >
> >> -Dai
> >>
> >>> res = ERR_PTR(-ENOMEM);
> >>> len = strlen(SSC_READ_NAME_BODY) + 16;
> >>> read_name = kzalloc(len, GFP_KERNEL);
> >>> @@ -357,6 +362,7 @@ static struct file *__nfs42_ssc_open(struct
> >>> vfsmount *ss_mnt,
> >>> r_ino->i_fop);
> >>> if (IS_ERR(filep)) {
> >>> res = ERR_CAST(filep);
> >>> + iput(r_ino);
> >>> goto out_free_name;
> >>> }
