[PATCH 4.19 54/91] NFS4: Only set creation opendata if O_CREAT

Fri, 12 Jul 2019 05:43:10 -0700 

[ Upstream commit 909105199a682cb09c500acd443d34b182846c9c ]

We can end up in nfs4_opendata_alloc during task exit, in which case
current->fs has already been cleaned up.  This leads to a crash in
current_umask().

Fix this by only setting creation opendata if we are actually doing an open
with O_CREAT.  We can drop the check for NULL nfs4_open_createattrs, since
O_CREAT will never be set for the recovery path.

Suggested-by: Trond Myklebust <tron...@hammerspace.com>
Signed-off-by: Benjamin Coddington <bcodd...@redhat.com>
Signed-off-by: Anna Schumaker <anna.schuma...@netapp.com>
Signed-off-by: Sasha Levin <sas...@kernel.org>
---
 fs/nfs/nfs4proc.c | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index 53cf8599a46e..1de855e0ae61 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -1243,10 +1243,20 @@ static struct nfs4_opendata *nfs4_opendata_alloc(struct 
dentry *dentry,
        atomic_inc(&sp->so_count);
        p->o_arg.open_flags = flags;
        p->o_arg.fmode = fmode & (FMODE_READ|FMODE_WRITE);
-       p->o_arg.umask = current_umask();
        p->o_arg.claim = nfs4_map_atomic_open_claim(server, claim);
        p->o_arg.share_access = nfs4_map_atomic_open_share(server,
                        fmode, flags);
+       if (flags & O_CREAT) {
+               p->o_arg.umask = current_umask();
+               p->o_arg.label = nfs4_label_copy(p->a_label, label);
+               if (c->sattr != NULL && c->sattr->ia_valid != 0) {
+                       p->o_arg.u.attrs = &p->attrs;
+                       memcpy(&p->attrs, c->sattr, sizeof(p->attrs));
+
+                       memcpy(p->o_arg.u.verifier.data, c->verf,
+                                       sizeof(p->o_arg.u.verifier.data));
+               }
+       }
        /* don't put an ACCESS op in OPEN compound if O_EXCL, because ACCESS
         * will return permission denied for all bits until close */
        if (!(flags & O_EXCL)) {
@@ -1270,7 +1280,6 @@ static struct nfs4_opendata *nfs4_opendata_alloc(struct 
dentry *dentry,
        p->o_arg.server = server;
        p->o_arg.bitmask = nfs4_bitmask(server, label);
        p->o_arg.open_bitmap = &nfs4_fattr_bitmap[0];
-       p->o_arg.label = nfs4_label_copy(p->a_label, label);
        switch (p->o_arg.claim) {
        case NFS4_OPEN_CLAIM_NULL:
        case NFS4_OPEN_CLAIM_DELEGATE_CUR:
@@ -1283,13 +1292,6 @@ static struct nfs4_opendata *nfs4_opendata_alloc(struct 
dentry *dentry,
        case NFS4_OPEN_CLAIM_DELEG_PREV_FH:
                p->o_arg.fh = NFS_FH(d_inode(dentry));
        }
-       if (c != NULL && c->sattr != NULL && c->sattr->ia_valid != 0) {
-               p->o_arg.u.attrs = &p->attrs;
-               memcpy(&p->attrs, c->sattr, sizeof(p->attrs));
-
-               memcpy(p->o_arg.u.verifier.data, c->verf,
-                               sizeof(p->o_arg.u.verifier.data));
-       }
        p->c_arg.fh = &p->o_res.fh;
        p->c_arg.stateid = &p->o_res.stateid;
        p->c_arg.seqid = p->o_arg.seqid;
-- 
2.20.1

Reply via email to