Commit fabe9d6c authored by Frank van der Linden's avatar Frank van der Linden Committed by Greg Kroah-Hartman

xattr: break delegations in {set,remove}xattr

commit 08b5d501 upstream.

set/removexattr on an exported filesystem should break NFS delegations.
This is true in general, but also for the upcoming support for
RFC 8726 (NFSv4 extended attribute support). Make sure that they do.

Additionally, they need to grow a _locked variant, since callers might
call this with i_rwsem held (like the NFS server code).

Cc: stable@vger.kernel.org # v4.9+
Cc: linux-fsdevel@vger.kernel.org
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: default avatarFrank van der Linden <fllinden@amazon.com>
Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent 0a3172f9
...@@ -203,10 +203,22 @@ int __vfs_setxattr_noperm(struct dentry *dentry, const char *name, ...@@ -203,10 +203,22 @@ int __vfs_setxattr_noperm(struct dentry *dentry, const char *name,
return error; return error;
} }
/**
* __vfs_setxattr_locked: set an extended attribute while holding the inode
* lock
*
* @dentry - object to perform setxattr on
* @name - xattr name to set
* @value - value to set @name to
* @size - size of @value
* @flags - flags to pass into filesystem operations
* @delegated_inode - on return, will contain an inode pointer that
* a delegation was broken on, NULL if none.
*/
int int
vfs_setxattr(struct dentry *dentry, const char *name, const void *value, __vfs_setxattr_locked(struct dentry *dentry, const char *name,
size_t size, int flags) const void *value, size_t size, int flags,
struct inode **delegated_inode)
{ {
struct inode *inode = dentry->d_inode; struct inode *inode = dentry->d_inode;
int error; int error;
...@@ -215,15 +227,40 @@ vfs_setxattr(struct dentry *dentry, const char *name, const void *value, ...@@ -215,15 +227,40 @@ vfs_setxattr(struct dentry *dentry, const char *name, const void *value,
if (error) if (error)
return error; return error;
inode_lock(inode);
error = security_inode_setxattr(dentry, name, value, size, flags); error = security_inode_setxattr(dentry, name, value, size, flags);
if (error) if (error)
goto out; goto out;
error = try_break_deleg(inode, delegated_inode);
if (error)
goto out;
error = __vfs_setxattr_noperm(dentry, name, value, size, flags); error = __vfs_setxattr_noperm(dentry, name, value, size, flags);
out: out:
return error;
}
EXPORT_SYMBOL_GPL(__vfs_setxattr_locked);
int
vfs_setxattr(struct dentry *dentry, const char *name, const void *value,
size_t size, int flags)
{
struct inode *inode = dentry->d_inode;
struct inode *delegated_inode = NULL;
int error;
retry_deleg:
inode_lock(inode);
error = __vfs_setxattr_locked(dentry, name, value, size, flags,
&delegated_inode);
inode_unlock(inode); inode_unlock(inode);
if (delegated_inode) {
error = break_deleg_wait(&delegated_inode);
if (!error)
goto retry_deleg;
}
return error; return error;
} }
EXPORT_SYMBOL_GPL(vfs_setxattr); EXPORT_SYMBOL_GPL(vfs_setxattr);
...@@ -377,8 +414,18 @@ __vfs_removexattr(struct dentry *dentry, const char *name) ...@@ -377,8 +414,18 @@ __vfs_removexattr(struct dentry *dentry, const char *name)
} }
EXPORT_SYMBOL(__vfs_removexattr); EXPORT_SYMBOL(__vfs_removexattr);
/**
* __vfs_removexattr_locked: set an extended attribute while holding the inode
* lock
*
* @dentry - object to perform setxattr on
* @name - name of xattr to remove
* @delegated_inode - on return, will contain an inode pointer that
* a delegation was broken on, NULL if none.
*/
int int
vfs_removexattr(struct dentry *dentry, const char *name) __vfs_removexattr_locked(struct dentry *dentry, const char *name,
struct inode **delegated_inode)
{ {
struct inode *inode = dentry->d_inode; struct inode *inode = dentry->d_inode;
int error; int error;
...@@ -387,11 +434,14 @@ vfs_removexattr(struct dentry *dentry, const char *name) ...@@ -387,11 +434,14 @@ vfs_removexattr(struct dentry *dentry, const char *name)
if (error) if (error)
return error; return error;
inode_lock(inode);
error = security_inode_removexattr(dentry, name); error = security_inode_removexattr(dentry, name);
if (error) if (error)
goto out; goto out;
error = try_break_deleg(inode, delegated_inode);
if (error)
goto out;
error = __vfs_removexattr(dentry, name); error = __vfs_removexattr(dentry, name);
if (!error) { if (!error) {
...@@ -400,12 +450,32 @@ vfs_removexattr(struct dentry *dentry, const char *name) ...@@ -400,12 +450,32 @@ vfs_removexattr(struct dentry *dentry, const char *name)
} }
out: out:
return error;
}
EXPORT_SYMBOL_GPL(__vfs_removexattr_locked);
int
vfs_removexattr(struct dentry *dentry, const char *name)
{
struct inode *inode = dentry->d_inode;
struct inode *delegated_inode = NULL;
int error;
retry_deleg:
inode_lock(inode);
error = __vfs_removexattr_locked(dentry, name, &delegated_inode);
inode_unlock(inode); inode_unlock(inode);
if (delegated_inode) {
error = break_deleg_wait(&delegated_inode);
if (!error)
goto retry_deleg;
}
return error; return error;
} }
EXPORT_SYMBOL_GPL(vfs_removexattr); EXPORT_SYMBOL_GPL(vfs_removexattr);
/* /*
* Extended attribute SET operations * Extended attribute SET operations
*/ */
......
...@@ -51,8 +51,10 @@ ssize_t vfs_getxattr(struct dentry *, const char *, void *, size_t); ...@@ -51,8 +51,10 @@ ssize_t vfs_getxattr(struct dentry *, const char *, void *, size_t);
ssize_t vfs_listxattr(struct dentry *d, char *list, size_t size); ssize_t vfs_listxattr(struct dentry *d, char *list, size_t size);
int __vfs_setxattr(struct dentry *, struct inode *, const char *, const void *, size_t, int); int __vfs_setxattr(struct dentry *, struct inode *, const char *, const void *, size_t, int);
int __vfs_setxattr_noperm(struct dentry *, const char *, const void *, size_t, int); int __vfs_setxattr_noperm(struct dentry *, const char *, const void *, size_t, int);
int __vfs_setxattr_locked(struct dentry *, const char *, const void *, size_t, int, struct inode **);
int vfs_setxattr(struct dentry *, const char *, const void *, size_t, int); int vfs_setxattr(struct dentry *, const char *, const void *, size_t, int);
int __vfs_removexattr(struct dentry *, const char *); int __vfs_removexattr(struct dentry *, const char *);
int __vfs_removexattr_locked(struct dentry *, const char *, struct inode **);
int vfs_removexattr(struct dentry *, const char *); int vfs_removexattr(struct dentry *, const char *);
ssize_t generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size); ssize_t generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment