nfsd: Return EPERM on utime/utimes/lutimes calls instead of EACCESS in some cases
diff mbox series

Message ID 1543565065-45503-1-git-send-email-zhengbin13@huawei.com
State New
Headers show
Series
  • nfsd: Return EPERM on utime/utimes/lutimes calls instead of EACCESS in some cases
Related show

Commit Message

zhengbin Nov. 30, 2018, 8:04 a.m. UTC
As the man(3) page for utime/utimes/lutimes, EPERM is returned
when the second parameter of utime/utimes/lutimes is not NULL,
the caller's effective UID does not match the owner of the file,
and the caller is not privileged.

However, in a NFS directory, it will return EACCESS(nfsd_setattr->
fh_verify->nfsd_permission), This patch fix this.

Signed-off-by: zhengbin <zhengbin13@huawei.com>
---
 fs/nfsd/vfs.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

--
2.7.4

Patch
diff mbox series

diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
index eb67098..9824e32 100644
--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -396,10 +396,23 @@  nfsd_setattr(struct svc_rqst *rqstp, struct svc_fh *fhp, struct iattr *iap,
 	bool		get_write_count;
 	bool		size_change = (iap->ia_valid & ATTR_SIZE);

-	if (iap->ia_valid & (ATTR_ATIME | ATTR_MTIME | ATTR_SIZE))
+	if (iap->ia_valid & ATTR_SIZE) {
 		accmode |= NFSD_MAY_WRITE|NFSD_MAY_OWNER_OVERRIDE;
-	if (iap->ia_valid & ATTR_SIZE)
 		ftype = S_IFREG;
+	}
+
+	/*
+	 * If utimes(2) and friends are called with times not NULL, we should
+	 * not set NFSD_MAY_WRITE bit. Otherwise fh_verify->nfsd_permission
+	 * will return EACCESS, when the caller's effective UID does not match
+	 * the owner of the file, and the caller is not privileged. In this
+	 * situation, we should return EPERM(notify_change will return this).
+	 */
+	if (iap->ia_valid & (ATTR_ATIME | ATTR_MTIME)) {
+		accmode |= NFSD_MAY_OWNER_OVERRIDE;
+		if (!(iap->ia_valid & (ATTR_ATIME_SET | ATTR_MTIME_SET)))
+			accmode |= NFSD_MAY_WRITE;
+	}

 	/* Callers that do fh_verify should do the fh_want_write: */
 	get_write_count = !fhp->fh_dentry;