[patch 17/29] NFS: NFSv4 readdir loses entries

From: Greg KH
Date: Thu Mar 10 2011 - 19:00:33 EST

Next message: Greg KH: "[patch 16/29] HID: hid-mosart: ignore buttons report"
Previous message: Greg KH: "[patch 14/29] [CPUFREQ] pcc-cpufreq: dont load driver if get_freq fails during init."
In reply to: Greg KH: "[patch 14/29] [CPUFREQ] pcc-cpufreq: dont load driver if get_freq fails during init."
Next in thread: Greg KH: "[patch 16/29] HID: hid-mosart: ignore buttons report"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

2.6.37-stable review patch. If anyone has any objections, please let us know.

------------------

From: Chuck Lever <chuck.lever@xxxxxxxxxx>

commit d1205f87bbb8040c1408bbd9e0a720310b2b0b9b upstream.

On recent 2.6.38-rc kernels, connectathon basic test 6 fails on
NFSv4 mounts of OpenSolaris with something like:

> ./test6: readdir
> ./test6: (/mnt/klimt/matisse.test) didn't read expected 'file.12' dir entry, pass 0
> ./test6: (/mnt/klimt/matisse.test) didn't read expected 'file.82' dir entry, pass 0
> ./test6: (/mnt/klimt/matisse.test) didn't read expected 'file.164' dir entry, pass 0
> ./test6: (/mnt/klimt/matisse.test) Test failed with 3 errors
> basic tests failed
> Tests failed, leaving /mnt/klimt mounted
> [cel@matisse cthon04]$

I narrowed the problem down to nfs4_decode_dirent() reporting that the
decode buffer had overflowed while decoding the entries for those
missing files.

verify_attr_len() assumes both it's pointer arguments reside on the
same page. When these arguments point to locations on two different
pages, verify_attr_len() can report false errors. This can happen now
that a large NFSv4 readdir result can span pages.

We have reasonably good checking in nfs4_decode_dirent() anyway, so
it should be safe to simply remove the extra checking.

At a guess, this was introduced by commit 6650239a, "NFS: Don't use
vm_map_ram() in readdir".

Signed-off-by: Chuck Lever <chuck.lever@xxxxxxxxxx>
Signed-off-by: Trond Myklebust <Trond.Myklebust@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>

---
fs/nfs/nfs4xdr.c | 3 ---
1 file changed, 3 deletions(-)

--- a/fs/nfs/nfs4xdr.c
+++ b/fs/nfs/nfs4xdr.c
@@ -6212,9 +6212,6 @@ __be32 *nfs4_decode_dirent(struct xdr_st
if (entry->fattr->valid & NFS_ATTR_FATTR_TYPE)
entry->d_type = nfs_umode_to_dtype(entry->fattr->mode);

- if (verify_attr_len(xdr, p, len) < 0)
- goto out_overflow;
-
return p;

out_overflow:

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg KH: "[patch 16/29] HID: hid-mosart: ignore buttons report"
Previous message: Greg KH: "[patch 14/29] [CPUFREQ] pcc-cpufreq: dont load driver if get_freq fails during init."
In reply to: Greg KH: "[patch 14/29] [CPUFREQ] pcc-cpufreq: dont load driver if get_freq fails during init."
Next in thread: Greg KH: "[patch 16/29] HID: hid-mosart: ignore buttons report"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]