[JAUNTY SRU] LP#317274 [CIFS] revalidate parent inode when rmdir done within that directory
Stefan Bader
stefan.bader at canonical.com
Fri Jun 19 15:01:02 UTC 2009
Manoj Iyer wrote:
> SRU JUSTIFICATION:
>
> IMPACT: removed directories in cifs mounted share can still appear within
> application calls. This could potentially be a security issue?
>
> FIX: A patch from Steve French fixes the problem, [CIFS] revalidate parent
> inode when rmdir done within that directory
>
> TEST: Originator of the bug tested the kernel in
> http://people.ubuntu.com/~manjo/lp317274-jaunty and reported to work.
>
> The following changes since commit
> 8d6d84357a3631767f391571e8741c95d829a92d:
> Stefan Bader (1):
> UBUNTU: Forgotten update to control files
>
> are available in the git repository at:
>
> git://kernel.ubuntu.com/manjo/ubuntu-jaunty.git lp317274
>
> Steve French (1):
> [CIFS] revalidate parent inode when rmdir done within that directory
>
> fs/cifs/CHANGES | 17 +++++++++++++----
> fs/cifs/inode.c | 5 +++++
> 2 files changed, 18 insertions(+), 4 deletions(-)
> From d346ef69d9c239884ac40234ab4b6fcecd4590cd Mon Sep 17 00:00:00 2001
> From: Steve French <sfrench at us.ibm.com>
> Date: Tue, 13 Jan 2009 22:03:55 +0000
> Subject: [PATCH] [CIFS] revalidate parent inode when rmdir done within that directory
>
> When a search is pending of a parent directory, and a child directory
> within it is removed, we need to reset the parent directory's time
> so that we don't reuse the (now stale) search results.
>
> Thanks to Gunter Kukkukk for reporting this:
>
>> got the following failure notification on irc #samba:
>>
>> A user was updating from subversion 1.4 to 1.5, where the
>> repository is located on a samba share (independent of
>> unix extensions = Yes or No).
>> svn 1.4 did work, 1.5 does not.
>>
>> The user did a lot of stracing of subversion - and wrote a
>> testapplet to simulate the failing behaviour.
>> I've converted the C++ source to C and added some error cases.
>>
>> When using "./testdir" on a local file system, "result2"
>> is always (nil) as expected - cifs vfs behaves different here!
>>
>> ./testdir /mnt/cifs/mounted/share
>>
>> returns a (failing) valid pointer.
>
> Acked-by: Dave Kleikamp <shaggy at us.ibm.com>
> Acked-by: Jeff Layton <jlayton at redhat.com>
> Signed-off-by: Steve French <sfrench at us.ibm.com>
> Signed-off-by: Manoj Iyer <manoj.iyer at canonical.com>
>
> BugLink: https://bugs.launchpad.net/ubuntu/jaunty/+source/linux/+bug/317274
> ---
> fs/cifs/CHANGES | 17 +++++++++++++----
> fs/cifs/inode.c | 5 +++++
> 2 files changed, 18 insertions(+), 4 deletions(-)
>
> diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES
> index 3c8b48d..34ce975 100644
> --- a/fs/cifs/CHANGES
> +++ b/fs/cifs/CHANGES
> @@ -1,7 +1,16 @@
> -Fix oops in cifs_dfs_ref.c when prefixpath is not reachable when using DFS.
> -Fix "redzone overwritten" bug in cifs_put_tcon (CIFSTcon may allocate too
> -little memory for the "nativeFileSystem" field returned by the server
> -during mount).
> +Version 1.56
> +------------
> +Add "forcemandatorylock" mount option to allow user to use mandatory
> +rather than posix (advisory) byte range locks, even though server would
> +support posix byte range locks. Fix query of root inode when prefixpath
> +specified and user does not have access to query information about the
> +top of the share. Fix problem in 2.6.28 resolving DFS paths to
> +Samba servers (worked to Windows). Fix rmdir so that pending search
> +(readdir) requests do not get invalid results which include the now
> +removed directory. Fix oops in cifs_dfs_ref.c when prefixpath is not reachable
> +when using DFS. Add better file create support to servers which support
> +the CIFS POSIX protocol extensions (this adds support for new flags
> +on create, and improves semantics for write of locked ranges).
>
> Version 1.55
> ------------
> diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c
> index ff8c68d..1949b26 100644
> --- a/fs/cifs/inode.c
> +++ b/fs/cifs/inode.c
> @@ -1237,6 +1237,11 @@ int cifs_rmdir(struct inode *inode, struct dentry *direntry)
> cifsInode = CIFS_I(direntry->d_inode);
> cifsInode->time = 0; /* force revalidate to go get info when
> needed */
> +
> + cifsInode = CIFS_I(inode);
> + cifsInode->time = 0; /* force revalidate to get parent dir info
> + since cached search results now invalid */
> +
> direntry->d_inode->i_ctime = inode->i_ctime = inode->i_mtime =
> current_fs_time(inode->i_sb);
>
Applied
--
When all other means of communication fail, try words!
More information about the kernel-team
mailing list