Re: Open with O_CREAT flag set fails to open existing files on non writable directories

"J. Bruce Fields" <bfields@xxxxxxxxxxxx> · Wed, 20 Apr 2011 11:23:24 -0400

On Wed, Apr 20, 2011 at 01:09:35PM +0100, Sachin Prabhu wrote:
> An open on a NFS4 share using the O_CREAT flag on an existing file for
> which we have permissions to open but contained in a directory with no
> write permissions will fail with EACCES.
> 
> A tcpdump shows that the client had set the open mode to UNCHECKED which
> indicates that the file should be created if it doesn't exist and
> encountering an existing flag is not an error. Since in this case the
> file exists and can be opened by the user, the NFS server is wrong in
> attempting to check create permissions on the parent directory.
> 
> The patch adds a conditional statement to check for create permissions
> only if the file doesn't exist.

That looks correct to me, thanks.

It's a bad bug, but appears to be one we've lived with a long time, so
I'm a bit up in the air whether to submit now for 2.6.39 or to queue up
for 2.6.40.

--b.

> 
> Signed-off-by: Sachin S. Prabhu <sprabhu@xxxxxxxxxx>
> 
> diff -up linux-2.6/fs/nfsd/vfs.c.bz683372 linux-2.6/fs/nfsd/vfs.c
> --- linux-2.6/fs/nfsd/vfs.c.bz683372	2011-04-20 13:03:54.021040329 +0100
> +++ linux-2.6/fs/nfsd/vfs.c	2011-04-20 13:05:21.551858218 +0100
> @@ -1363,7 +1363,7 @@ nfsd_create_v3(struct svc_rqst *rqstp, s
>  		goto out;
>  	if (!(iap->ia_valid & ATTR_MODE))
>  		iap->ia_mode = 0;
> -	err = fh_verify(rqstp, fhp, S_IFDIR, NFSD_MAY_CREATE);
> +	err = fh_verify(rqstp, fhp, S_IFDIR, NFSD_MAY_EXEC);
>  	if (err)
>  		goto out;
>  
> @@ -1385,6 +1385,13 @@ nfsd_create_v3(struct svc_rqst *rqstp, s
>  	if (IS_ERR(dchild))
>  		goto out_nfserr;
>  
> +	/* If file doesn't exist, check for permissions to create one */
> +	if (!dchild->d_inode) {
> +		err = fh_verify(rqstp, fhp, S_IFDIR, NFSD_MAY_CREATE);
> +		if (err)
> +			goto out;
> +	}
> +
>  	err = fh_compose(resfhp, fhp->fh_export, dchild, fhp);
>  	if (err)
>  		goto out;
> 
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html