On Wed, Dec 05, 2018 at 09:43:06AM +0800, zhengbin (A) wrote:
> second parameter of utime/utimes/lutimes is not NULL -------> maybe lutimes should be removed? I think "second parameter of utime/utimes is not NULL" would be better
Also fixed, thanks.--b.
>
> On 2018/12/5 9:37, J. Bruce Fields wrote:
> > On Wed, Dec 05, 2018 at 09:04:22AM +0800, zhengbin (A) wrote:
> >> thanks,
> >>>>> As the man(3) page for utime/utimes/lutimes, EPERM is returned
> >>
> >> -------->this should be As the man page for utime/utimes/lutimes, my little mistake. utime/utimes are man(2), lutimes is man(3)
> >>
> >> I send v2 patch?Or when you apply, help modify it?
> >
> > Does this look OK?
> >
> > --b.
> >
> > commit eb6d67589750
> > Author: zhengbin <zhengbin13@xxxxxxxxxx>
> > Date: Fri Nov 30 16:04:25 2018 +0800
> >
> > nfsd: Return EPERM, not EACCES, in some SETATTR cases
> >
> > As the man(2) page for utime/utimes states, EPERM is returned when the
> > second parameter of utime/utimes/lutimes is not NULL, the caller's
> > effective UID does not match the owner of the file, and the caller is
> > not privileged.
> >
> > However, in a NFS directory mounted from knfsd, it will return EACCES
> > (from nfsd_setattr-> fh_verify->nfsd_permission). This patch fixes
> > that.
> >
> > Signed-off-by: zhengbin <zhengbin13@xxxxxxxxxx>
> > Signed-off-by: J. Bruce Fields <bfields@xxxxxxxxxx>
> >
> > diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
> > index eb67098117b4..9824e32b2f23 100644
> > --- a/fs/nfsd/vfs.c
> > +++ b/fs/nfsd/vfs.c
> > @@ -396,10 +396,23 @@ nfsd_setattr(struct svc_rqst *rqstp, struct svc_fh *fhp, struct iattr *iap,
> > bool get_write_count;
> > bool size_change = (iap->ia_valid & ATTR_SIZE);
> >
> > - if (iap->ia_valid & (ATTR_ATIME | ATTR_MTIME | ATTR_SIZE))
> > + if (iap->ia_valid & ATTR_SIZE) {
> > accmode |= NFSD_MAY_WRITE|NFSD_MAY_OWNER_OVERRIDE;
> > - if (iap->ia_valid & ATTR_SIZE)
> > ftype = S_IFREG;
> > + }
> > +
> > + /*
> > + * If utimes(2) and friends are called with times not NULL, we should
> > + * not set NFSD_MAY_WRITE bit. Otherwise fh_verify->nfsd_permission
> > + * will return EACCESS, when the caller's effective UID does not match
> > + * the owner of the file, and the caller is not privileged. In this
> > + * situation, we should return EPERM(notify_change will return this).
> > + */
> > + if (iap->ia_valid & (ATTR_ATIME | ATTR_MTIME)) {
> > + accmode |= NFSD_MAY_OWNER_OVERRIDE;
> > + if (!(iap->ia_valid & (ATTR_ATIME_SET | ATTR_MTIME_SET)))
> > + accmode |= NFSD_MAY_WRITE;
> > + }
> >
> > /* Callers that do fh_verify should do the fh_want_write: */
> > get_write_count = !fhp->fh_dentry;
> >
> > .
> >
