tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

ksmbd: fix missing use of get_write in in smb2_set_ea()

Fix an issue where get_write is not used in smb2_set_ea().

Fixes: 6fc0a265e1b9 ("ksmbd: fix potential circular locking issue in smb2_set_ea()")
Cc: stable@vger.kernel.org
Reported-by: Wang Zhaolong <wangzhaolong1@huawei.com>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>

authored by

Namjae Jeon and committed by
Steve French 2bfc4214 1cdeca6a

+19 -11
+4 -3
fs/smb/server/smb2pdu.c
··· 2367 2367 if (rc > 0) { 2368 2368 rc = ksmbd_vfs_remove_xattr(idmap, 2369 2369 path, 2370 - attr_name); 2370 + attr_name, 2371 + get_write); 2371 2372 2372 2373 if (rc < 0) { 2373 2374 ksmbd_debug(SMB, ··· 2383 2382 } else { 2384 2383 rc = ksmbd_vfs_setxattr(idmap, path, attr_name, value, 2385 2384 le16_to_cpu(eabuf->EaValueLength), 2386 - 0, true); 2385 + 0, get_write); 2387 2386 if (rc < 0) { 2388 2387 ksmbd_debug(SMB, 2389 2388 "ksmbd_vfs_setxattr is failed(%d)\n", ··· 2475 2474 !strncmp(&name[XATTR_USER_PREFIX_LEN], STREAM_PREFIX, 2476 2475 STREAM_PREFIX_LEN)) { 2477 2476 err = ksmbd_vfs_remove_xattr(idmap, path, 2478 - name); 2477 + name, true); 2479 2478 if (err) 2480 2479 ksmbd_debug(SMB, "remove xattr failed : %s\n", 2481 2480 name);
+11 -6
fs/smb/server/vfs.c
··· 1058 1058 } 1059 1059 1060 1060 int ksmbd_vfs_remove_xattr(struct mnt_idmap *idmap, 1061 - const struct path *path, char *attr_name) 1061 + const struct path *path, char *attr_name, 1062 + bool get_write) 1062 1063 { 1063 1064 int err; 1064 1065 1065 - err = mnt_want_write(path->mnt); 1066 - if (err) 1067 - return err; 1066 + if (get_write == true) { 1067 + err = mnt_want_write(path->mnt); 1068 + if (err) 1069 + return err; 1070 + } 1068 1071 1069 1072 err = vfs_removexattr(idmap, path->dentry, attr_name); 1070 - mnt_drop_write(path->mnt); 1073 + 1074 + if (get_write == true) 1075 + mnt_drop_write(path->mnt); 1071 1076 1072 1077 return err; 1073 1078 } ··· 1385 1380 ksmbd_debug(SMB, "%s, len %zd\n", name, strlen(name)); 1386 1381 1387 1382 if (!strncmp(name, XATTR_NAME_SD, XATTR_NAME_SD_LEN)) { 1388 - err = ksmbd_vfs_remove_xattr(idmap, path, name); 1383 + err = ksmbd_vfs_remove_xattr(idmap, path, name, true); 1389 1384 if (err) 1390 1385 ksmbd_debug(SMB, "remove xattr failed : %s\n", name); 1391 1386 }
+2 -1
fs/smb/server/vfs.h
··· 114 114 int ksmbd_vfs_xattr_stream_name(char *stream_name, char **xattr_stream_name, 115 115 size_t *xattr_stream_name_size, int s_type); 116 116 int ksmbd_vfs_remove_xattr(struct mnt_idmap *idmap, 117 - const struct path *path, char *attr_name); 117 + const struct path *path, char *attr_name, 118 + bool get_write); 118 119 int ksmbd_vfs_kern_path_locked(struct ksmbd_work *work, char *name, 119 120 unsigned int flags, struct path *parent_path, 120 121 struct path *path, bool caseless);
+2 -1
fs/smb/server/vfs_cache.c
··· 254 254 ci->m_flags &= ~S_DEL_ON_CLS_STREAM; 255 255 err = ksmbd_vfs_remove_xattr(file_mnt_idmap(filp), 256 256 &filp->f_path, 257 - fp->stream.name); 257 + fp->stream.name, 258 + true); 258 259 if (err) 259 260 pr_err("remove xattr failed : %s\n", 260 261 fp->stream.name);