From patchwork Wed Apr  7 16:19:10 2010
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
X-Patchwork-Id: 49612
Return-Path: <linux-cifs-client-bounces@lists.samba.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from lists.samba.org (fn.samba.org [216.83.154.106])
	by ozlabs.org (Postfix) with ESMTP id BC6D5B7D2D
	for <incoming@patchwork.ozlabs.org>;
	Thu,  8 Apr 2010 02:22:21 +1000 (EST)
Received: from fn.samba.org (localhost [127.0.0.1])
	by lists.samba.org (Postfix) with ESMTP id 86E0CAD1CB;
	Wed,  7 Apr 2010 10:22:21 -0600 (MDT)
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on fn.samba.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=3.8 tests=BAYES_00,SPF_PASS
	autolearn=ham version=3.2.5
X-Original-To: linux-cifs-client@lists.samba.org
Delivered-To: linux-cifs-client@lists.samba.org
Received: from mail-pw0-f41.google.com (mail-pw0-f41.google.com
	[209.85.160.41])
	by lists.samba.org (Postfix) with ESMTP id AA139AD11A
	for <linux-cifs-client@lists.samba.org>;
	Wed,  7 Apr 2010 10:22:16 -0600 (MDT)
Received: by pwi2 with SMTP id 2so1091892pwi.14
	for <linux-cifs-client@lists.samba.org>;
	Wed, 07 Apr 2010 09:22:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:received:received:from:to:cc:subject:date
	:message-id:x-mailer;
	bh=vRzlv/u0kFGM/2QoqYtxCTo1iJNsIJfsbp+zIhQszM4=;
	b=F47IDDwDTJfVApmFqhwhUv86WhoAuXLfXa+BDC8Ip7iF52+LYDzagAxEqSzKXUjIUO
	h/GCTSydXU83f7VzOd4gvEMv4PO1ZBxWAEo4INiHUbASl9p7tqbpUttskgbCFQ0zUFEH
	8t79nSyZHWZxebNFlw+beHyoXvT36/rEuLmQg=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=from:to:cc:subject:date:message-id:x-mailer;
	b=tsCywByPBjDqIYfL3nIhj4BoDnbHpLRl1GOHhihNtGcA6+vcdZOlMdjisIaPuXPDDN
	AIzZz7NPWoX3VmbGfApaVaIyqvtTV42plnJheuvt6Cg6n+O9DHs8OVbFEZxsHrfvBqWV
	hl9KIyckQXBkJz4IUMWD6Wk+I8pupjrp59TwQ=
Received: by 10.115.84.22 with SMTP id m22mr95279wal.201.1270657327232;
	Wed, 07 Apr 2010 09:22:07 -0700 (PDT)
Received: from localhost ([32.97.110.58])
	by mx.google.com with ESMTPS id 22sm3195848iwn.4.2010.04.07.09.22.05
	(version=TLSv1/SSLv3 cipher=RC4-MD5);
	Wed, 07 Apr 2010 09:22:06 -0700 (PDT)
From: shirishpargaonkar@gmail.com
To: linux-cifs-client@lists.samba.org
Date: Wed,  7 Apr 2010 11:19:10 -0500
Message-Id: <1270657150-2845-1-git-send-email-shirishpargaonkar@gmail.com>
X-Mailer: git-send-email 1.6.0.2
Cc: smfrench@gmail.com
Subject: [linux-cifs-client] [linux-cifs-client[[patch] Attempt #2 to handle
	null nameidata
X-BeenThere: linux-cifs-client@lists.samba.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: The Linux CIFS VFS client <linux-cifs-client.lists.samba.org>
List-Unsubscribe: <https://lists.samba.org/mailman/options/linux-cifs-client>,
	<mailto:linux-cifs-client-request@lists.samba.org?subject=unsubscribe>
List-Archive: <http://lists.samba.org/pipermail/linux-cifs-client>
List-Post: <mailto:linux-cifs-client@lists.samba.org>
List-Help: <mailto:linux-cifs-client-request@lists.samba.org?subject=help>
List-Subscribe: <https://lists.samba.org/mailman/listinfo/linux-cifs-client>,
	<mailto:linux-cifs-client-request@lists.samba.org?subject=subscribe>
MIME-Version: 1.0
Sender: linux-cifs-client-bounces@lists.samba.org
Errors-To: linux-cifs-client-bounces@lists.samba.org

While creating a file on a server which supports unix extensions
such as Samba, if a file is being created which does not supply
nameidata (i.e. nd is null), cifs client can oops when calling
cifs_posix_open.

Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Reported-by: Eugene Teo <eugeneteo@kernel.sg>

diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h
index 88e2bc4..efb8772 100644
--- a/fs/cifs/cifsproto.h
+++ b/fs/cifs/cifsproto.h
@@ -95,8 +95,10 @@ extern struct cifsFileInfo *cifs_new_fileinfo(struct inode *newinode,
 				__u16 fileHandle, struct file *file,
 				struct vfsmount *mnt, unsigned int oflags);
 extern int cifs_posix_open(char *full_path, struct inode **pinode,
-			   struct vfsmount *mnt, int mode, int oflags,
-			   __u32 *poplock, __u16 *pnetfid, int xid);
+				struct vfsmount *mnt,
+				struct super_block *sb,
+				int mode, int oflags,
+				__u32 *poplock, __u16 *pnetfid, int xid);
 extern void cifs_unix_basic_to_fattr(struct cifs_fattr *fattr,
 				     FILE_UNIX_BASIC_INFO *info,
 				     struct cifs_sb_info *cifs_sb);
diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c
index 6ccf726..9e9d48f 100644
--- a/fs/cifs/dir.c
+++ b/fs/cifs/dir.c
@@ -183,13 +183,14 @@ cifs_new_fileinfo(struct inode *newinode, __u16 fileHandle,
 }
 
 int cifs_posix_open(char *full_path, struct inode **pinode,
-		    struct vfsmount *mnt, int mode, int oflags,
-		    __u32 *poplock, __u16 *pnetfid, int xid)
+			struct vfsmount *mnt, struct super_block *sb,
+			int mode, int oflags,
+			__u32 *poplock, __u16 *pnetfid, int xid)
 {
 	int rc;
 	FILE_UNIX_BASIC_INFO *presp_data;
 	__u32 posix_flags = 0;
-	struct cifs_sb_info *cifs_sb = CIFS_SB(mnt->mnt_sb);
+	struct cifs_sb_info *cifs_sb = CIFS_SB(sb);
 	struct cifs_fattr fattr;
 
 	cFYI(1, ("posix open %s", full_path));
@@ -242,7 +243,7 @@ int cifs_posix_open(char *full_path, struct inode **pinode,
 
 	/* get new inode and set it up */
 	if (*pinode == NULL) {
-		*pinode = cifs_iget(mnt->mnt_sb, &fattr);
+		*pinode = cifs_iget(sb, &fattr);
 		if (!*pinode) {
 			rc = -ENOMEM;
 			goto posix_open_ret;
@@ -251,7 +252,8 @@ int cifs_posix_open(char *full_path, struct inode **pinode,
 		cifs_fattr_to_inode(*pinode, &fattr);
 	}
 
-	cifs_new_fileinfo(*pinode, *pnetfid, NULL, mnt, oflags);
+	if (mnt)
+		cifs_new_fileinfo(*pinode, *pnetfid, NULL, mnt, oflags);
 
 posix_open_ret:
 	kfree(presp_data);
@@ -315,13 +317,14 @@ cifs_create(struct inode *inode, struct dentry *direntry, int mode,
 	if (nd && (nd->flags & LOOKUP_OPEN))
 		oflags = nd->intent.open.flags;
 	else
-		oflags = FMODE_READ;
+		oflags = FMODE_READ | SMB_O_CREAT;
 
 	if (tcon->unix_ext && (tcon->ses->capabilities & CAP_UNIX) &&
 	    (CIFS_UNIX_POSIX_PATH_OPS_CAP &
 			le64_to_cpu(tcon->fsUnixInfo.Capability))) {
-		rc = cifs_posix_open(full_path, &newinode, nd->path.mnt,
-				     mode, oflags, &oplock, &fileHandle, xid);
+		rc = cifs_posix_open(full_path, &newinode,
+			nd ? nd->path.mnt : NULL,
+			inode->i_sb, mode, oflags, &oplock, &fileHandle, xid);
 		/* EIO could indicate that (posix open) operation is not
 		   supported, despite what server claimed in capability
 		   negotation.  EREMOTE indicates DFS junction, which is not
@@ -678,6 +681,7 @@ cifs_lookup(struct inode *parent_dir_inode, struct dentry *direntry,
 		     (nd->flags & LOOKUP_OPEN) && !pTcon->broken_posix_open &&
 		     (nd->intent.open.flags & O_CREAT)) {
 			rc = cifs_posix_open(full_path, &newInode, nd->path.mnt,
+					parent_dir_inode->i_sb,
 					nd->intent.open.create_mode,
 					nd->intent.open.flags, &oplock,
 					&fileHandle, xid);
diff --git a/fs/cifs/file.c b/fs/cifs/file.c
index 3d8f8a9..503a459 100644
--- a/fs/cifs/file.c
+++ b/fs/cifs/file.c
@@ -297,10 +297,12 @@ int cifs_open(struct inode *inode, struct file *file)
 	    (CIFS_UNIX_POSIX_PATH_OPS_CAP &
 			le64_to_cpu(tcon->fsUnixInfo.Capability))) {
 		int oflags = (int) cifs_posix_convert_flags(file->f_flags);
+		oflags |= SMB_O_CREAT;
 		/* can not refresh inode info since size could be stale */
 		rc = cifs_posix_open(full_path, &inode, file->f_path.mnt,
-				     cifs_sb->mnt_file_mode /* ignored */,
-				     oflags, &oplock, &netfid, xid);
+				inode->i_sb,
+				cifs_sb->mnt_file_mode /* ignored */,
+				oflags, &oplock, &netfid, xid);
 		if (rc == 0) {
 			cFYI(1, ("posix open succeeded"));
 			/* no need for special case handling of setting mode
@@ -512,8 +514,9 @@ reopen_error_exit:
 		int oflags = (int) cifs_posix_convert_flags(file->f_flags);
 		/* can not refresh inode info since size could be stale */
 		rc = cifs_posix_open(full_path, NULL, file->f_path.mnt,
-				     cifs_sb->mnt_file_mode /* ignored */,
-				     oflags, &oplock, &netfid, xid);
+				inode->i_sb,
+				cifs_sb->mnt_file_mode /* ignored */,
+				oflags, &oplock, &netfid, xid);
 		if (rc == 0) {
 			cFYI(1, ("posix reopen succeeded"));
 			goto reopen_success;