From 18a600897212c1480eb635112baeab017babfc83 Mon Sep 17 00:00:00 2001 From: Benjamin Coddington Date: Thu, 25 Jun 2015 09:25:50 -0400 Subject: [PATCH] nfs: verify open flags before allowing open Commit 9597c13b forbade opens with O_APPEND|O_DIRECT for NFSv4: nfs: verify open flags before allowing an atomic open Currently, you can open a NFSv4 file with O_APPEND|O_DIRECT, but cannot fcntl(F_SETFL,...) with those flags. This flag combination is explicitly forbidden on NFSv3 opens, and it seems like it should also be on NFSv4. However, you can still open a file with O_DIRECT|O_APPEND if there exists a cached dentry for the file because nfs4_file_open() is used instead of nfs_atomic_open() and the check is bypassed. Add the check in nfs4_file_open() as well. Signed-off-by: Benjamin Coddington Signed-off-by: Trond Myklebust --- fs/nfs/nfs4file.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/fs/nfs/nfs4file.c b/fs/nfs/nfs4file.c index f58c17b3b480..dcd39d4e2efe 100644 --- a/fs/nfs/nfs4file.c +++ b/fs/nfs/nfs4file.c @@ -41,6 +41,10 @@ nfs4_file_open(struct inode *inode, struct file *filp) dprintk("NFS: open file(%pd2)\n", dentry); + err = nfs_check_flags(openflags); + if (err) + return err; + if ((openflags & O_ACCMODE) == 3) openflags--; -- GitLab