git.baikalelectronics.ru Git - kernel.git/commit

author	Chuck Lever <chuck.lever@oracle.com>
	Mon, 11 Apr 2016 20:20:22 +0000 (16:20 -0400)
committer	Anna Schumaker <Anna.Schumaker@Netapp.com>
	Mon, 9 May 2016 13:05:40 +0000 (09:05 -0400)
commit	e92d7dbc11232e245edecf9494c15391328c5d2a
tree	38b09676f82ac1e8db4bf3eef19d97082e386aa8	tree \| snapshot
parent	64ce3845c6ff0adb39cf1b9acb6270f0ea566a4a	commit \| diff

NFS: Fix an LOCK/OPEN race when unlinking an open file

At Connectathon 2016, we found that recent upstream Linux clients
would occasionally send a LOCK operation with a zero stateid. This
appeared to happen in close proximity to another thread returning
a delegation before unlinking the same file while it remained open.

Earlier, the client received a write delegation on this file and
returned the open stateid. Now, as it is getting ready to unlink the
file, it returns the write delegation. But there is still an open
file descriptor on that file, so the client must OPEN the file
again before it returns the delegation.

Since commit 738d499cf8f8 ('NFSv4: Recovery of recalled read
delegations is broken'), nfs_open_delegation_recall() clears the
NFS_DELEGATED_STATE flag _before_ it sends the OPEN. This allows a
racing LOCK on the same inode to be put on the wire before the OPEN
operation has returned a valid open stateid.

To eliminate this race, serialize delegation return with the
acquisition of a file lock on the same file. Adopt the same approach
as is used in the unlock path.

This patch also eliminates a similar race seen when sending a LOCK
operation at the same time as returning a delegation on the same file.

Fixes: 738d499cf8f8 ('NFSv4: Recovery of recalled read ... ')
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
[Anna: Add sentence about LOCK / delegation race]
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>