diff options
| author | Yan, Zheng <zyan@redhat.com> | 2017-04-19 10:01:48 +0800 |
|---|---|---|
| committer | Ben Hutchings <ben@decadent.org.uk> | 2017-07-18 18:40:39 +0100 |
| commit | 51bd778ac81c5a822053853ad3efc169f9421cd8 (patch) | |
| tree | a62e39ae5fa734910ecdd5640cce5bf93b003fdf /fs/ceph | |
| parent | eacf80709104eeff28d0e556ddc4d49ac58015a6 (diff) | |
| download | linux-stable-51bd778ac81c5a822053853ad3efc169f9421cd8.tar.gz linux-stable-51bd778ac81c5a822053853ad3efc169f9421cd8.tar.bz2 linux-stable-51bd778ac81c5a822053853ad3efc169f9421cd8.zip | |
ceph: fix recursion between ceph_set_acl() and __ceph_setattr()
commit 8179a101eb5f4ef0ac9a915fcea9a9d3109efa90 upstream.
ceph_set_acl() calls __ceph_setattr() if the setacl operation needs
to modify inode's i_mode. __ceph_setattr() updates inode's i_mode,
then calls posix_acl_chmod().
The problem is that __ceph_setattr() calls posix_acl_chmod() before
sending the setattr request. The get_acl() call in posix_acl_chmod()
can trigger a getxattr request. The reply of the getxattr request
can restore inode's i_mode to its old value. The set_acl() call in
posix_acl_chmod() sees old value of inode's i_mode, so it calls
__ceph_setattr() again.
Link: http://tracker.ceph.com/issues/19688
Reported-by: Jerry Lee <leisurelysw24@gmail.com>
Signed-off-by: "Yan, Zheng" <zyan@redhat.com>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Tested-by: Luis Henriques <lhenriques@suse.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
[bwh: Backported to 3.16: All the changes are made in ceph_setattr() as
there is no __ceph_setattr() function.]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Diffstat (limited to 'fs/ceph')
| -rw-r--r-- | fs/ceph/inode.c | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c index 122d60506ab9..50efb2a5d3f6 100644 --- a/fs/ceph/inode.c +++ b/fs/ceph/inode.c @@ -1875,12 +1875,6 @@ int ceph_setattr(struct dentry *dentry, struct iattr *attr) if (inode_dirty_flags) __mark_inode_dirty(inode, inode_dirty_flags); - if (ia_valid & ATTR_MODE) { - err = posix_acl_chmod(inode, attr->ia_mode); - if (err) - goto out_put; - } - if (mask) { req->r_inode = inode; ihold(inode); @@ -1893,12 +1887,16 @@ int ceph_setattr(struct dentry *dentry, struct iattr *attr) ceph_cap_string(dirtied), mask); ceph_mdsc_put_request(req); - if (mask & CEPH_SETATTR_SIZE) + + if (err >= 0 && (mask & CEPH_SETATTR_SIZE)) __ceph_do_pending_vmtruncate(inode); + + if (err >= 0 && (attr->ia_valid & ATTR_MODE)) + err = posix_acl_chmod(inode, attr->ia_mode); + return err; out: spin_unlock(&ci->i_ceph_lock); -out_put: ceph_mdsc_put_request(req); return err; } |