ksmbd: fix missing use of get_write in in smb2_set_ea()

Fix an issue where get_write is not used in smb2_set_ea().

Fixes: 6fc0a265e1 ("ksmbd: fix potential circular locking issue in smb2_set_ea()")
Cc: stable@vger.kernel.org
Reported-by: Wang Zhaolong <wangzhaolong1@huawei.com>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Namjae Jeon 2024-06-11 23:27:27 +09:00 committed by Steve French
parent 1cdeca6a72
commit 2bfc4214c6
4 changed files with 19 additions and 11 deletions


@ -2367,7 +2367,8 @@ static int smb2_set_ea(struct smb2_ea_info *eabuf, unsigned int buf_len,
if (rc > 0) { if (rc > 0) {
rc = ksmbd_vfs_remove_xattr(idmap, rc = ksmbd_vfs_remove_xattr(idmap,
path, path,
attr_name); attr_name,
get_write);
if (rc < 0) { if (rc < 0) {
ksmbd_debug(SMB, ksmbd_debug(SMB,
@ -2382,7 +2383,7 @@ static int smb2_set_ea(struct smb2_ea_info *eabuf, unsigned int buf_len,
} else { } else {
rc = ksmbd_vfs_setxattr(idmap, path, attr_name, value, rc = ksmbd_vfs_setxattr(idmap, path, attr_name, value,
le16_to_cpu(eabuf->EaValueLength), le16_to_cpu(eabuf->EaValueLength),
0, true); 0, get_write);
if (rc < 0) { if (rc < 0) {
ksmbd_debug(SMB, ksmbd_debug(SMB,
"ksmbd_vfs_setxattr is failed(%d)\n", "ksmbd_vfs_setxattr is failed(%d)\n",
@ -2474,7 +2475,7 @@ static int smb2_remove_smb_xattrs(const struct path *path)
!strncmp(&name[XATTR_USER_PREFIX_LEN], STREAM_PREFIX, !strncmp(&name[XATTR_USER_PREFIX_LEN], STREAM_PREFIX,
STREAM_PREFIX_LEN)) { STREAM_PREFIX_LEN)) {
err = ksmbd_vfs_remove_xattr(idmap, path, err = ksmbd_vfs_remove_xattr(idmap, path,
name); name, true);
if (err) if (err)
ksmbd_debug(SMB, "remove xattr failed : %s\n", ksmbd_debug(SMB, "remove xattr failed : %s\n",
name); name);
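Review bot: Nothing at the two call sites in smb2_set_ea() records what a false `get_write` promises. The definition of ksmbd_vfs_remove_xattr() later in this commit skips mnt_want_write() in that case, and ksmbd_vfs_setxattr() presumably does the same, so the xattr change is only safe if the caller of smb2_set_ea() already holds write access on `path->mnt`. That caller and the rest of smb2_set_ea() lie outside these hunks, so the invariant cannot be confirmed from the page. I would state it above the function, e.g. `/* @get_write: pass false only when the caller already holds mnt_want_write() on path->mnt */`, so that a later caller does not pass false for a mount it has not pinned for writing.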


@ -1058,16 +1058,21 @@ int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length,
} }
int ksmbd_vfs_remove_xattr(struct mnt_idmap *idmap, int ksmbd_vfs_remove_xattr(struct mnt_idmap *idmap,
const struct path *path, char *attr_name) const struct path *path, char *attr_name,
bool get_write)
{ {
int err; int err;
err = mnt_want_write(path->mnt); if (get_write == true) {
if (err) err = mnt_want_write(path->mnt);
return err; if (err)
return err;
}
err = vfs_removexattr(idmap, path->dentry, attr_name); err = vfs_removexattr(idmap, path->dentry, attr_name);
mnt_drop_write(path->mnt);
if (get_write == true)
mnt_drop_write(path->mnt);
return err; return err;
} }
@ -1380,7 +1385,7 @@ int ksmbd_vfs_remove_sd_xattrs(struct mnt_idmap *idmap, const struct path *path)
ksmbd_debug(SMB, "%s, len %zd\n", name, strlen(name)); ksmbd_debug(SMB, "%s, len %zd\n", name, strlen(name));
if (!strncmp(name, XATTR_NAME_SD, XATTR_NAME_SD_LEN)) { if (!strncmp(name, XATTR_NAME_SD, XATTR_NAME_SD_LEN)) {
err = ksmbd_vfs_remove_xattr(idmap, path, name); err = ksmbd_vfs_remove_xattr(idmap, path, name, true);
if (err) if (err)
ksmbd_debug(SMB, "remove xattr failed : %s\n", name); ksmbd_debug(SMB, "remove xattr failed : %s\n", name);
} }
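Review bot: In ksmbd_vfs_remove_xattr() the mnt_want_write() and mnt_drop_write() calls are now guarded by two separate `if (get_write == true)` tests. Comparing a bool against `true` is non-idiomatic kernel style; write `if (get_write) {` for the acquire and `if (get_write)` for the release. Because the two tests must always agree, a one-line comment on the second, `/* pairs with mnt_want_write() above */`, would help keep them together in a later edit, so the write reference is neither leaked nor dropped without having been taken.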


@ -114,7 +114,8 @@ int ksmbd_vfs_setxattr(struct mnt_idmap *idmap,
int ksmbd_vfs_xattr_stream_name(char *stream_name, char **xattr_stream_name, int ksmbd_vfs_xattr_stream_name(char *stream_name, char **xattr_stream_name,
size_t *xattr_stream_name_size, int s_type); size_t *xattr_stream_name_size, int s_type);
int ksmbd_vfs_remove_xattr(struct mnt_idmap *idmap, int ksmbd_vfs_remove_xattr(struct mnt_idmap *idmap,
const struct path *path, char *attr_name); const struct path *path, char *attr_name,
bool get_write);
int ksmbd_vfs_kern_path_locked(struct ksmbd_work *work, char *name, int ksmbd_vfs_kern_path_locked(struct ksmbd_work *work, char *name,
unsigned int flags, struct path *parent_path, unsigned int flags, struct path *parent_path,
struct path *path, bool caseless); struct path *path, bool caseless);


@ -254,7 +254,8 @@ static void __ksmbd_inode_close(struct ksmbd_file *fp)
ci->m_flags &= ~S_DEL_ON_CLS_STREAM; ci->m_flags &= ~S_DEL_ON_CLS_STREAM;
err = ksmbd_vfs_remove_xattr(file_mnt_idmap(filp), err = ksmbd_vfs_remove_xattr(file_mnt_idmap(filp),
&filp->f_path, &filp->f_path,
fp->stream.name); fp->stream.name,
true);
if (err) if (err)
pr_err("remove xattr failed : %s\n", pr_err("remove xattr failed : %s\n",
fp->stream.name); fp->stream.name);