| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <d2fabd4b78dda3bd52519b84f50785dbcc2d40fb.camel@hammerspace.com>
Date: Mon, 16 Nov 2020 04:27:55 +0000
From: Trond Myklebust <trondmy@...merspace.com>
To: "neilb@...e.de" <neilb@...e.de>,
"anna.schumaker@...app.com" <anna.schumaker@...app.com>
CC: "linux-nfs@...r.kernel.org" <linux-nfs@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] NFS: only invalidate dentrys that are clearly invalid.
On Mon, 2020-11-16 at 13:59 +1100, NeilBrown wrote:
>
> Prior to commit 5ceb9d7fdaaf ("NFS: Refactor
> nfs_lookup_revalidate()")
> and error from nfs_lookup_verify_inode() other than -ESTALE would
> result
> in nfs_lookup_revalidate() returning that error code (-ESTALE is
> mapped
> to zero).
> Since that commit, all errors result in zero being returned.
>
> When nfs_lookup_revalidate() returns zero, the dentry is invalidated
> and, significantly, if the dentry is a directory that is mounted on,
> that mountpoint is lost.
>
> If you:
> - mount an NFS filesystem which contains a directory
> - mount something (e.g. tmpfs) on that directory
> - use iptables (or scissors) to block traffic to the server
> - ls -l the-mounted-on-directory
> - interrupt the 'ls -l'
> you will find that the directory has been unmounted.
>
> This can be fixed by returning the actual error code from
> nfs_lookup_verify_inode() rather then zero (except for -ESTALE).
>
> Fixes: 5ceb9d7fdaaf ("NFS: Refactor nfs_lookup_revalidate()")
> Signed-off-by: NeilBrown <neilb@...e.de>
> ---
> fs/nfs/dir.c | 8 +++++---
> 1 file changed, 5 insertions(+), 3 deletions(-)
>
> diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c
> index cb52db9a0cfb..d24acf556e9e 100644
> --- a/fs/nfs/dir.c
> +++ b/fs/nfs/dir.c
> @@ -1350,7 +1350,7 @@ nfs_do_lookup_revalidate(struct inode *dir,
> struct dentry *dentry,
> unsigned int flags)
> {
> struct inode *inode;
> - int error;
> + int error = 0;
>
> nfs_inc_stats(dir, NFSIOS_DENTRYREVALIDATE);
> inode = d_inode(dentry);
> @@ -1372,8 +1372,10 @@ nfs_do_lookup_revalidate(struct inode *dir,
> struct dentry *dentry,
> nfs_check_verifier(dir, dentry, flags & LOOKUP_RCU)) {
> error = nfs_lookup_verify_inode(inode, flags);
> if (error) {
> - if (error == -ESTALE)
> + if (error == -ESTALE) {
> nfs_zap_caches(dir);
> + error = 0;
> + }
> goto out_bad;
> }
> nfs_advise_use_readdirplus(dir);
> @@ -1395,7 +1397,7 @@ nfs_do_lookup_revalidate(struct inode *dir,
> struct dentry *dentry,
> out_bad:
> if (flags & LOOKUP_RCU)
> return -ECHILD;
> - return nfs_lookup_revalidate_done(dir, dentry, inode, 0);
> + return nfs_lookup_revalidate_done(dir, dentry, inode, error);
Which errors do we actually need to return here? As far as I can tell,
the only errors that nfs_lookup_verify_inode() is supposed to return is
ENOMEM, ESTALE, ECHILD, and possibly EIO or ETiMEDOUT.
Why would it be better to return those errors rather than just a 0 when
we need to invalidate the inode, particularly since we already have a
special case in nfs_lookup_revalidate_done() when the dentry is root?
> }
>
> static int
--
Trond Myklebust
Linux NFS client maintainer, Hammerspace
trond.myklebust@...merspace.com
Powered by blists - more mailing lists