git.hungrycats.org Git - linux/commit

author	Jeff Layton <jlayton@poochiereds.net>
	Thu, 30 Jul 2015 10:57:46 +0000 (06:57 -0400)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Mon, 17 Aug 2015 03:52:27 +0000 (20:52 -0700)
commit	1ccdd6c6e9a342c2ed4ced38faa67303226a2a6a
tree	aec2d5ac5a7fccb9d2985d5a940c9a794b0d1e7d	tree \| snapshot
parent	3b5c2aed0e5557c6bc4a305e7627a16a764b4cdb	commit \| diff

nfsd: do nfs4_check_fh in nfs4_check_file instead of nfs4_check_olstateid

commit 8fcd461db7c09337b6d2e22d25eb411123f379e3 upstream.

Currently, preprocess_stateid_op calls nfs4_check_olstateid which
verifies that the open stateid corresponds to the current filehandle in the
call by calling nfs4_check_fh.

If the stateid is a NFS4_DELEG_STID however, then no such check is done.
This could cause incorrect enforcement of permissions, because the
nfsd_permission() call in nfs4_check_file uses current the current
filehandle, but any subsequent IO operation will use the file descriptor
in the stateid.

Move the call to nfs4_check_fh into nfs4_check_file instead so that it
can be done for all stateid types.

Signed-off-by: Jeff Layton <jeff.layton@primarydata.com>
[bfields: moved fh check to avoid NULL deref in special stateid case]
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>