--- /dev/null
+From stable-bounces@linux.kernel.org Thu Feb 7 12:05:04 2008
+From: J. Bruce Fields <bfields@citi.umich.edu>
+Date: Thu, 7 Feb 2008 21:03:57 +0100
+Subject: knfsd: query filesystem for NFSv4 getattr of FATTR4_MAXNAME
+Message-ID: <6101e8c40802071203r69a1fd9fge2b65c611e5a8e71@mail.gmail.com>
+Content-Disposition: inline
+
+From: J. Bruce Fields <bfields@citi.umich.edu>
+
+mainline: a16e92edcd0a2846455a30823e1bac964e743baa
+
+Without this we always return 2^32-1 as the the maximum namelength.
+
+Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
+Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
+CC: Oliver Pinter <oliver.pntr@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ fs/nfsd/nfs4xdr.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/fs/nfsd/nfs4xdr.c
++++ b/fs/nfsd/nfs4xdr.c
+@@ -1453,7 +1453,8 @@ nfsd4_encode_fattr(struct svc_fh *fhp, s
+ err = vfs_getattr(exp->ex_mnt, dentry, &stat);
+ if (err)
+ goto out_nfserr;
+- if ((bmval0 & (FATTR4_WORD0_FILES_FREE | FATTR4_WORD0_FILES_TOTAL)) ||
++ if ((bmval0 & (FATTR4_WORD0_FILES_FREE | FATTR4_WORD0_FILES_TOTAL |
++ FATTR4_WORD0_MAXNAME)) ||
+ (bmval1 & (FATTR4_WORD1_SPACE_AVAIL | FATTR4_WORD1_SPACE_FREE |
+ FATTR4_WORD1_SPACE_TOTAL))) {
+ err = vfs_statfs(dentry, &statfs);
+@@ -1699,7 +1700,7 @@ out_acl:
+ if (bmval0 & FATTR4_WORD0_MAXNAME) {
+ if ((buflen -= 4) < 0)
+ goto out_resource;
+- WRITE32(~(u32) 0);
++ WRITE32(statfs.f_namelen);
+ }
+ if (bmval0 & FATTR4_WORD0_MAXREAD) {
+ if ((buflen -= 8) < 0)
--- /dev/null
+From stable-bounces@linux.kernel.org Thu Feb 7 12:04:53 2008
+From: Trond Myklebust <Trond.Myklebust@netapp.com>
+Date: Thu, 7 Feb 2008 21:03:49 +0100
+Subject: NFS: Fix an Oops in encode_lookup()
+Message-ID: <6101e8c40802071203g2118a4el192726164ee11fd0@mail.gmail.com>
+Content-Disposition: inline
+
+
+From: Trond Myklebust <Trond.Myklebust@netapp.com>
+
+mainline: 54af3bb543c071769141387a42deaaab5074da55
+
+It doesn't look as if the NFS file name limit is being initialised correctly
+in the struct nfs_server. Make sure that we limit whatever is being set in
+nfs_probe_fsinfo() and nfs_init_server().
+
+Also ensure that readdirplus and nfs4_path_walk respect our file name
+limits.
+
+Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Acked-by: Neil Brown <neilb@suse.de>
+CC: Oliver Pinter <oliver.pntr@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ fs/nfs/client.c | 29 +++++++++++++++++++----------
+ fs/nfs/dir.c | 2 ++
+ fs/nfs/getroot.c | 3 +++
+ 3 files changed, 24 insertions(+), 10 deletions(-)
+
+--- a/fs/nfs/client.c
++++ b/fs/nfs/client.c
+@@ -611,16 +611,6 @@ static int nfs_init_server(struct nfs_se
+ server->namelen = data->namlen;
+ /* Create a client RPC handle for the NFSv3 ACL management interface */
+ nfs_init_server_aclclient(server);
+- if (clp->cl_nfsversion == 3) {
+- if (server->namelen == 0 || server->namelen > NFS3_MAXNAMLEN)
+- server->namelen = NFS3_MAXNAMLEN;
+- if (!(data->flags & NFS_MOUNT_NORDIRPLUS))
+- server->caps |= NFS_CAP_READDIRPLUS;
+- } else {
+- if (server->namelen == 0 || server->namelen > NFS2_MAXNAMLEN)
+- server->namelen = NFS2_MAXNAMLEN;
+- }
+-
+ dprintk("<-- nfs_init_server() = 0 [new %p]\n", clp);
+ return 0;
+
+@@ -820,6 +810,16 @@ struct nfs_server *nfs_create_server(con
+ error = nfs_probe_fsinfo(server, mntfh, &fattr);
+ if (error < 0)
+ goto error;
++ if (server->nfs_client->rpc_ops->version == 3) {
++ if (server->namelen == 0 || server->namelen > NFS3_MAXNAMLEN)
++ server->namelen = NFS3_MAXNAMLEN;
++ if (!(data->flags & NFS_MOUNT_NORDIRPLUS))
++ server->caps |= NFS_CAP_READDIRPLUS;
++ } else {
++ if (server->namelen == 0 || server->namelen > NFS2_MAXNAMLEN)
++ server->namelen = NFS2_MAXNAMLEN;
++ }
++
+ if (!(fattr.valid & NFS_ATTR_FATTR)) {
+ error = server->nfs_client->rpc_ops->getattr(server, mntfh, &fattr);
+ if (error < 0) {
+@@ -1010,6 +1010,9 @@ struct nfs_server *nfs4_create_server(co
+ if (error < 0)
+ goto error;
+
++ if (server->namelen == 0 || server->namelen > NFS4_MAXNAMLEN)
++ server->namelen = NFS4_MAXNAMLEN;
++
+ BUG_ON(!server->nfs_client);
+ BUG_ON(!server->nfs_client->rpc_ops);
+ BUG_ON(!server->nfs_client->rpc_ops->file_inode_ops);
+@@ -1082,6 +1085,9 @@ struct nfs_server *nfs4_create_referral_
+ if (error < 0)
+ goto error;
+
++ if (server->namelen == 0 || server->namelen > NFS4_MAXNAMLEN)
++ server->namelen = NFS4_MAXNAMLEN;
++
+ dprintk("Referral FSID: %llx:%llx\n",
+ (unsigned long long) server->fsid.major,
+ (unsigned long long) server->fsid.minor);
+@@ -1141,6 +1147,9 @@ struct nfs_server *nfs_clone_server(stru
+ if (error < 0)
+ goto out_free_server;
+
++ if (server->namelen == 0 || server->namelen > NFS4_MAXNAMLEN)
++ server->namelen = NFS4_MAXNAMLEN;
++
+ dprintk("Cloned FSID: %llx:%llx\n",
+ (unsigned long long) server->fsid.major,
+ (unsigned long long) server->fsid.minor);
+--- a/fs/nfs/dir.c
++++ b/fs/nfs/dir.c
+@@ -1162,6 +1162,8 @@ static struct dentry *nfs_readdir_lookup
+ }
+ if (!desc->plus || !(entry->fattr->valid & NFS_ATTR_FATTR))
+ return NULL;
++ if (name.len > NFS_SERVER(dir)->namelen)
++ return NULL;
+ /* Note: caller is already holding the dir->i_mutex! */
+ dentry = d_alloc(parent, &name);
+ if (dentry == NULL)
+--- a/fs/nfs/getroot.c
++++ b/fs/nfs/getroot.c
+@@ -175,6 +175,9 @@ next_component:
+ path++;
+ name.len = path - (const char *) name.name;
+
++ if (name.len > NFS4_MAXNAMLEN)
++ return -ENAMETOOLONG;
++
+ eat_dot_dir:
+ while (*path == '/')
+ path++;
projects / thirdparty / kernel / stable-queue.git / commitdiff
