[CIFS] Byte range unlock request to non-Unix server can unlock too much
On a mount without posix extensions enabled, when an unlock request is made, the client can release more than is intended. To reproduce, on a CIFS mount without posix extensions enabled: 1) open file 2) do fcntl lock: start=0 len=1 3) do fcntl lock: start=2 len=1 4) do fcntl unlock: start=0 len=1 ...on the unlock call the client sends an unlock request to the server for both locks. The problem is a bad test in cifs_lock. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
This commit is contained in:
parent
95ba736210
commit
39db810cb6
@ -6,7 +6,10 @@ done with "serverino" mount option). Add support for POSIX Unlink
|
||||
Samba supports newer POSIX CIFS Protocol Extensions). Add "nounix"
|
||||
mount option to allow disabling the CIFS Unix Extensions for just
|
||||
that mount. Fix hang on spinlock in find_writable_file (race when
|
||||
reopening file after session crash).
|
||||
reopening file after session crash). Byte range unlock request to
|
||||
windows server could unlock more bytes (on server copy of file)
|
||||
than intended if start of unlock request is well before start of
|
||||
a previous byte range lock that we issued.
|
||||
|
||||
Version 1.49
|
||||
------------
|
||||
|
@ -767,7 +767,8 @@ int cifs_lock(struct file *file, int cmd, struct file_lock *pfLock)
|
||||
mutex_lock(&fid->lock_mutex);
|
||||
list_for_each_entry_safe(li, tmp, &fid->llist, llist) {
|
||||
if (pfLock->fl_start <= li->offset &&
|
||||
length >= li->length) {
|
||||
(pflock->fl_start + length) >=
|
||||
(li->offset + li->length)) {
|
||||
stored_rc = CIFSSMBLock(xid, pTcon,
|
||||
netfid,
|
||||
li->length, li->offset,
|
||||
|
Loading…
Reference in New Issue
Block a user