summaryrefslogtreecommitdiffstats
path: root/fs/nfsd
diff options
context:
space:
mode:
authorJ. Bruce Fields <bfields@redhat.com>2014-01-24 18:04:40 -0500
committerJ. Bruce Fields <bfields@redhat.com>2014-01-27 13:59:16 -0500
commit4335723e8e9fdc6e4bb2555696bc7f1abe75f200 (patch)
tree047598958f44c9865039f19b8f3d4abfc4b99065 /fs/nfsd
parentc0e6bee480591a78caad5b13bd377948c025d0cd (diff)
downloadlinux-4335723e8e9fdc6e4bb2555696bc7f1abe75f200.tar.gz
linux-4335723e8e9fdc6e4bb2555696bc7f1abe75f200.tar.bz2
linux-4335723e8e9fdc6e4bb2555696bc7f1abe75f200.zip
nfsd4: fix delegation-unlink/rename race
If a file is unlinked or renamed between the time when we do the local open and the time when we get the delegation, then we will return to the client indicating that it holds a delegation even though the file no longer exists under the name it was open under. But a client performing an open-by-name, when it is returned a delegation, must be able to assume that the file is still linked at the name it was opened under. So, hold the parent i_mutex for longer to prevent concurrent renames or unlinks. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Diffstat (limited to 'fs/nfsd')
-rw-r--r--fs/nfsd/nfs4proc.c10
-rw-r--r--fs/nfsd/vfs.c7
2 files changed, 13 insertions, 4 deletions
diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c
index 844813a7e12a..ef76ba632387 100644
--- a/fs/nfsd/nfs4proc.c
+++ b/fs/nfsd/nfs4proc.c
@@ -279,11 +279,15 @@ do_open_lookup(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, stru
if (open->op_createmode == NFS4_CREATE_EXCLUSIVE && status == 0)
open->op_bmval[1] = (FATTR4_WORD1_TIME_ACCESS |
FATTR4_WORD1_TIME_MODIFY);
- } else {
+ } else
+ /*
+ * Note this may exit with the parent still locked.
+ * We will hold the lock until nfsd4_open's final
+ * lookup, to prevent renames or unlinks until we've had
+ * a chance to an acquire a delegation if appropriate.
+ */
status = nfsd_lookup(rqstp, current_fh,
open->op_fname.data, open->op_fname.len, *resfh);
- fh_unlock(current_fh);
- }
if (status)
goto out;
status = nfsd_check_obj_isreg(*resfh);
diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
index e85b463fac4a..a41302a00650 100644
--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -207,7 +207,12 @@ nfsd_lookup_dentry(struct svc_rqst *rqstp, struct svc_fh *fhp,
goto out_nfserr;
}
} else {
- fh_lock(fhp);
+ /*
+ * In the nfsd4_open() case, this may be held across
+ * subsequent open and delegation acquisition which may
+ * need to take the child's i_mutex:
+ */
+ fh_lock_nested(fhp, I_MUTEX_PARENT);
dentry = lookup_one_len(name, dparent, len);
host_err = PTR_ERR(dentry);
if (IS_ERR(dentry))