[JAUNTY SRU] LP#317274 [CIFS] revalidate parent inode when rmdir done within that directory
Manoj Iyer
manoj.iyer at canonical.com
Wed Jun 17 21:19:36 UTC 2009
SRU JUSTIFICATION:
IMPACT: removed directories in cifs mounted share can still appear within
application calls. This could potentially be a security issue?
FIX: A patch from Steve French fixes the problem, [CIFS] revalidate parent
inode when rmdir done within that directory
TEST: Originator of the bug tested the kernel in
http://people.ubuntu.com/~manjo/lp317274-jaunty and reported to work.
The following changes since commit
8d6d84357a3631767f391571e8741c95d829a92d:
Stefan Bader (1):
UBUNTU: Forgotten update to control files
are available in the git repository at:
git://kernel.ubuntu.com/manjo/ubuntu-jaunty.git lp317274
Steve French (1):
[CIFS] revalidate parent inode when rmdir done within that directory
fs/cifs/CHANGES | 17 +++++++++++++----
fs/cifs/inode.c | 5 +++++
2 files changed, 18 insertions(+), 4 deletions(-)
From d346ef69d9c239884ac40234ab4b6fcecd4590cd Mon Sep 17 00:00:00 2001
From: Steve French <sfrench at us.ibm.com>
Date: Tue, 13 Jan 2009 22:03:55 +0000
Subject: [PATCH] [CIFS] revalidate parent inode when rmdir done within that directory
When a search is pending of a parent directory, and a child directory
within it is removed, we need to reset the parent directory's time
so that we don't reuse the (now stale) search results.
Thanks to Gunter Kukkukk for reporting this:
> got the following failure notification on irc #samba:
>
> A user was updating from subversion 1.4 to 1.5, where the
> repository is located on a samba share (independent of
> unix extensions = Yes or No).
> svn 1.4 did work, 1.5 does not.
>
> The user did a lot of stracing of subversion - and wrote a
> testapplet to simulate the failing behaviour.
> I've converted the C++ source to C and added some error cases.
>
> When using "./testdir" on a local file system, "result2"
> is always (nil) as expected - cifs vfs behaves different here!
>
> ./testdir /mnt/cifs/mounted/share
>
> returns a (failing) valid pointer.
Acked-by: Dave Kleikamp <shaggy at us.ibm.com>
Acked-by: Jeff Layton <jlayton at redhat.com>
Signed-off-by: Steve French <sfrench at us.ibm.com>
Signed-off-by: Manoj Iyer <manoj.iyer at canonical.com>
BugLink: https://bugs.launchpad.net/ubuntu/jaunty/+source/linux/+bug/317274
---
fs/cifs/CHANGES | 17 +++++++++++++----
fs/cifs/inode.c | 5 +++++
2 files changed, 18 insertions(+), 4 deletions(-)
diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES
index 3c8b48d..34ce975 100644
--- a/fs/cifs/CHANGES
+++ b/fs/cifs/CHANGES
@@ -1,7 +1,16 @@
-Fix oops in cifs_dfs_ref.c when prefixpath is not reachable when using DFS.
-Fix "redzone overwritten" bug in cifs_put_tcon (CIFSTcon may allocate too
-little memory for the "nativeFileSystem" field returned by the server
-during mount).
+Version 1.56
+------------
+Add "forcemandatorylock" mount option to allow user to use mandatory
+rather than posix (advisory) byte range locks, even though server would
+support posix byte range locks. Fix query of root inode when prefixpath
+specified and user does not have access to query information about the
+top of the share. Fix problem in 2.6.28 resolving DFS paths to
+Samba servers (worked to Windows). Fix rmdir so that pending search
+(readdir) requests do not get invalid results which include the now
+removed directory. Fix oops in cifs_dfs_ref.c when prefixpath is not reachable
+when using DFS. Add better file create support to servers which support
+the CIFS POSIX protocol extensions (this adds support for new flags
+on create, and improves semantics for write of locked ranges).
Version 1.55
------------
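Review bot: The CHANGES hunk carries changelog text that the code in this patch does not back up. The added "Version 1.56" block describes the "forcemandatorylock" mount option, the root inode query fix, the DFS path fix and the POSIX create support, while the diffstat shows the only code change is five lines in fs/cifs/inode.c. The hunk also deletes the "redzone overwritten" cifs_put_tcon entry without restating it in the new text. For a stable backport, consider dropping this hunk or reducing it to the single rmdir sentence, so the changelog in the Jaunty tree does not advertise fixes the tree does not contain.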
diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c
index ff8c68d..1949b26 100644
--- a/fs/cifs/inode.c
+++ b/fs/cifs/inode.c
@@ -1237,6 +1237,11 @@ int cifs_rmdir(struct inode *inode, struct dentry *direntry)
cifsInode = CIFS_I(direntry->d_inode);
cifsInode->time = 0; /* force revalidate to go get info when
needed */
+
+ cifsInode = CIFS_I(inode);
+ cifsInode->time = 0; /* force revalidate to get parent dir info
+ since cached search results now invalid */
+
direntry->d_inode->i_ctime = inode->i_ctime = inode->i_mtime =
current_fs_time(inode->i_sb);
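Review bot: The added `cifsInode = CIFS_I(inode);` reuses the variable that the line just above set to the child directory's inode, so from this point on `cifsInode` refers to the parent. Any later use in cifs_rmdir that expects the child would silently act on the parent instead. Writing `CIFS_I(inode)->time = 0;` or using a separately named pointer for the parent avoids that. The visible context also does not show whether these lines sit inside the success branch of the rmdir call; please confirm the parent's time is reset only when the removal actually succeeded, in the same way as the child reset above it.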
--
1.6.0.4
Cheers
--- manjo