NFS: Guard against READDIR loop when entry names exceed MAXNAMELEN

[ Upstream commit f67b55b6588bcf9316a1e6e8d529100a5aa3ebe6 ]

Commit 64cfca85bacd asserts the only valid return values for
nfs2/3_decode_dirent should not include -ENAMETOOLONG, but for a server
that sends a filename3 which exceeds MAXNAMELEN in a READDIR response the
client's behavior will be to endlessly retry the operation.

We could map -ENAMETOOLONG into -EBADCOOKIE, but that would produce
truncated listings without any error.  The client should return an error
for this case to clearly assert that the server implementation must be
corrected.

Fixes: 64cfca85bacd ("NFS: Return valid errors from nfs2/3_decode_dirent()")
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/fs/nfs/nfs2xdr.c b/fs/nfs/nfs2xdr.c
index 3d5ba43f44bb618a592230c3e3a6eae3d84b1677..266a4badf1dfce714598a126bedf4e2c31fc2dd1 100644 (file)
--- a/fs/nfs/nfs2xdr.c
+++ b/fs/nfs/nfs2xdr.c
@@ -949,7 +949,7 @@ int nfs2_decode_dirent(struct xdr_stream *xdr, struct nfs_entry *entry,
 
        error = decode_filename_inline(xdr, &entry->name, &entry->len);
        if (unlikely(error))
-               return -EAGAIN;
+               return error == -ENAMETOOLONG ? -ENAMETOOLONG : -EAGAIN;
 
        /*
         * The type (size and byte order) of nfscookie isn't defined in

diff --git a/fs/nfs/nfs3xdr.c b/fs/nfs/nfs3xdr.c
index 7ab60ad98776fb35a52ff63b9b1b015ae94495ae..d48db2f6f4f0273d5ae6abf6d64da024af6e8ee0 100644 (file)
--- a/fs/nfs/nfs3xdr.c
+++ b/fs/nfs/nfs3xdr.c
@@ -1990,7 +1990,7 @@ int nfs3_decode_dirent(struct xdr_stream *xdr, struct nfs_entry *entry,
 
        error = decode_inline_filename3(xdr, &entry->name, &entry->len);
        if (unlikely(error))
-               return -EAGAIN;
+               return error == -ENAMETOOLONG ? -ENAMETOOLONG : -EAGAIN;
 
        error = decode_cookie3(xdr, &new_cookie);
        if (unlikely(error))