This is a note to let you know that I've just added the patch titled
NFSv4.1: Fix a protocol issue with CLOSE stateids
to the 4.1-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
nfsv4.1-fix-a-protocol-issue-with-close-stateids.patch
and it can be found in the queue-4.1 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From 4a1e2feb9d246775dee0f78ed5b18826bae2b1c5 Mon Sep 17 00:00:00 2001
From: Trond Myklebust <trond.myklebust@xxxxxxxxxxxxxxx>
Date: Sun, 30 Aug 2015 18:37:59 -0700
Subject: NFSv4.1: Fix a protocol issue with CLOSE stateids
From: Trond Myklebust <trond.myklebust@xxxxxxxxxxxxxxx>
commit 4a1e2feb9d246775dee0f78ed5b18826bae2b1c5 upstream.
According to RFC5661 Section 18.2.4, CLOSE is supposed to return
the zero stateid. This means that nfs_clear_open_stateid_locked()
cannot assume that the result stateid will always match the 'other'
field of the existing open stateid when trying to determine a race
with a parallel OPEN.
Instead, we look at the argument, and check for matches.
Signed-off-by: Trond Myklebust <trond.myklebust@xxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
fs/nfs/nfs4proc.c | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -1216,6 +1216,7 @@ static void nfs_resync_open_stateid_lock
}
static void nfs_clear_open_stateid_locked(struct nfs4_state *state,
+ nfs4_stateid *arg_stateid,
nfs4_stateid *stateid, fmode_t fmode)
{
clear_bit(NFS_O_RDWR_STATE, &state->flags);
@@ -1234,8 +1235,9 @@ static void nfs_clear_open_stateid_locke
if (stateid == NULL)
return;
/* Handle races with OPEN */
- if (!nfs4_stateid_match_other(stateid, &state->open_stateid) ||
- !nfs4_stateid_is_newer(stateid, &state->open_stateid)) {
+ if (!nfs4_stateid_match_other(arg_stateid, &state->open_stateid) ||
+ (nfs4_stateid_match_other(stateid, &state->open_stateid) &&
+ !nfs4_stateid_is_newer(stateid, &state->open_stateid))) {
nfs_resync_open_stateid_locked(state);
return;
}
@@ -1244,10 +1246,12 @@ static void nfs_clear_open_stateid_locke
nfs4_stateid_copy(&state->open_stateid, stateid);
}
-static void nfs_clear_open_stateid(struct nfs4_state *state, nfs4_stateid *stateid, fmode_t fmode)
+static void nfs_clear_open_stateid(struct nfs4_state *state,
+ nfs4_stateid *arg_stateid,
+ nfs4_stateid *stateid, fmode_t fmode)
{
write_seqlock(&state->seqlock);
- nfs_clear_open_stateid_locked(state, stateid, fmode);
+ nfs_clear_open_stateid_locked(state, arg_stateid, stateid, fmode);
write_sequnlock(&state->seqlock);
if (test_bit(NFS_STATE_RECLAIM_NOGRACE, &state->flags))
nfs4_schedule_state_manager(state->owner->so_server->nfs_client);
@@ -2672,7 +2676,8 @@ static void nfs4_close_done(struct rpc_t
goto out_release;
}
}
- nfs_clear_open_stateid(state, res_stateid, calldata->arg.fmode);
+ nfs_clear_open_stateid(state, &calldata->arg.stateid,
+ res_stateid, calldata->arg.fmode);
out_release:
nfs_release_seqid(calldata->arg.seqid);
nfs_refresh_inode(calldata->inode, calldata->res.fattr);
Patches currently in stable-queue which might be from trond.myklebust@xxxxxxxxxxxxxxx are
queue-4.1/nfs41-flexfiles-zero-out-ds-write-wcc.patch
queue-4.1/nfs-nfs_set_pgio_error-sometimes-misses-errors.patch
queue-4.1/nfs-fix-a-null-pointer-dereference-of-migration-recovery-ops-for-v4.2-client.patch
queue-4.1/sunrpc-xs_reset_transport-must-mark-the-connection-as-disconnected.patch
queue-4.1/nfs-don-t-let-the-ctime-override-attribute-barriers.patch
queue-4.1/sunrpc-fix-a-thinko-in-xs_connect.patch
queue-4.1/nfsv4-don-t-set-setattr-for-o_rdonly-o_excl.patch
queue-4.1/nfs41-flexfiles-update-inode-after-write-finishes.patch
queue-4.1/nfsv4.1-pnfs-fix-borken-function-_same_data_server_addrs_locked.patch
queue-4.1/nfsv4-force-a-post-op-attribute-update-when-holding-a-delegation.patch
queue-4.1/nfsv4-pnfs-ensure-we-don-t-miss-a-file-extension.patch
queue-4.1/nfsv4.1-flexfiles-fix-a-protocol-error-in-layoutreturn.patch
queue-4.1/revert-nfsv4-remove-incorrect-check-in-can_open_delegated.patch
queue-4.1/nfsv4.1-fix-a-protocol-issue-with-close-stateids.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html