nfsd: fix oops on access from high-numbered ports

[sfrench/cifs-2.6.git] / fs / nfsd / nfsfh.c

diff --git a/fs/nfsd/nfsfh.c b/fs/nfsd/nfsfh.c
index 8fbd2dc08a92159a853ef748db561522ec0a0480..3e6b3f41ee1f342918e6e3f57493f3c0ab21b033 100644 (file)
--- a/fs/nfsd/nfsfh.c
+++ b/fs/nfsd/nfsfh.c
@@ -47,7 +47,7 @@ static int nfsd_acceptable(void *expv, struct dentry *dentry)
                return 1;
 
        tdentry = dget(dentry);
-       while (tdentry != exp->ex_dentry && ! IS_ROOT(tdentry)) {
+       while (tdentry != exp->ex_path.dentry && !IS_ROOT(tdentry)) {
                /* make sure parents give x permission to user */
                int err;
                parent = dget_parent(tdentry);
@@ -59,9 +59,9 @@ static int nfsd_acceptable(void *expv, struct dentry *dentry)
                dput(tdentry);
                tdentry = parent;
        }
-       if (tdentry != exp->ex_dentry)
+       if (tdentry != exp->ex_path.dentry)
                dprintk("nfsd_acceptable failed at %p %s\n", tdentry, tdentry->d_name.name);
-       rv = (tdentry == exp->ex_dentry);
+       rv = (tdentry == exp->ex_path.dentry);
        dput(tdentry);
        return rv;
 }
@@ -101,7 +101,7 @@ static __be32 nfsd_setuser_and_check_port(struct svc_rqst *rqstp,
 {
        /* Check if the request originated from a secure port. */
        if (!rqstp->rq_secure && EX_SECURE(exp)) {
-               char buf[RPC_MAX_ADDRBUFLEN];
+               RPC_IFDEBUG(char buf[RPC_MAX_ADDRBUFLEN]);
                dprintk(KERN_WARNING
                       "nfsd: request from insecure port %s!\n",
                       svc_print_addr(rqstp, buf, sizeof(buf)));
@@ -209,9 +209,9 @@ fh_verify(struct svc_rqst *rqstp, struct svc_fh *fhp, int type, int access)
                        fileid_type = fh->fh_fileid_type;
 
                if (fileid_type == FILEID_ROOT)
-                       dentry = dget(exp->ex_dentry);
+                       dentry = dget(exp->ex_path.dentry);
                else {
-                       dentry = exportfs_decode_fh(exp->ex_mnt, fid,
+                       dentry = exportfs_decode_fh(exp->ex_path.mnt, fid,
                                        data_left, fileid_type,
                                        nfsd_acceptable, exp);
                }
@@ -232,6 +232,7 @@ fh_verify(struct svc_rqst *rqstp, struct svc_fh *fhp, int type, int access)
                fhp->fh_dentry = dentry;
                fhp->fh_export = exp;
                nfsd_nr_verified++;
+               cache_get(&exp->h);
        } else {
                /*
                 * just rechecking permissions
@@ -241,6 +242,7 @@ fh_verify(struct svc_rqst *rqstp, struct svc_fh *fhp, int type, int access)
                dprintk("nfsd: fh_verify - just checking\n");
                dentry = fhp->fh_dentry;
                exp = fhp->fh_export;
+               cache_get(&exp->h);
                /*
                 * Set user creds for this exportpoint; necessary even
                 * in the "just checking" case because this may be a
@@ -252,8 +254,6 @@ fh_verify(struct svc_rqst *rqstp, struct svc_fh *fhp, int type, int access)
                if (error)
                        goto out;
        }
-       cache_get(&exp->h);
-
 
        error = nfsd_mode_check(rqstp, dentry->d_inode->i_mode, type);
        if (error)
@@ -299,7 +299,7 @@ out:
 static void _fh_update(struct svc_fh *fhp, struct svc_export *exp,
                struct dentry *dentry)
 {
-       if (dentry != exp->ex_dentry) {
+       if (dentry != exp->ex_path.dentry) {
                struct fid *fid = (struct fid *)
                        (fhp->fh_handle.fh_auth + fhp->fh_handle.fh_size/4 - 1);
                int maxsize = (fhp->fh_maxsize - fhp->fh_handle.fh_size)/4;
@@ -344,12 +344,12 @@ fh_compose(struct svc_fh *fhp, struct svc_export *exp, struct dentry *dentry,
        struct inode * inode = dentry->d_inode;
        struct dentry *parent = dentry->d_parent;
        __u32 *datap;
-       dev_t ex_dev = exp->ex_dentry->d_inode->i_sb->s_dev;
-       int root_export = (exp->ex_dentry == exp->ex_dentry->d_sb->s_root);
+       dev_t ex_dev = exp->ex_path.dentry->d_inode->i_sb->s_dev;
+       int root_export = (exp->ex_path.dentry == exp->ex_path.dentry->d_sb->s_root);
 
        dprintk("nfsd: fh_compose(exp %02x:%02x/%ld %s/%s, ino=%ld)\n",
                MAJOR(ex_dev), MINOR(ex_dev),
-               (long) exp->ex_dentry->d_inode->i_ino,
+               (long) exp->ex_path.dentry->d_inode->i_ino,
                parent->d_name.name, dentry->d_name.name,
                (inode ? inode->i_ino : 0));
 
@@ -391,7 +391,7 @@ fh_compose(struct svc_fh *fhp, struct svc_export *exp, struct dentry *dentry,
                        /* FALL THROUGH */
                case FSID_MAJOR_MINOR:
                case FSID_ENCODE_DEV:
-                       if (!(exp->ex_dentry->d_inode->i_sb->s_type->fs_flags
+                       if (!(exp->ex_path.dentry->d_inode->i_sb->s_type->fs_flags
                              & FS_REQUIRES_DEV))
                                goto retry;
                        break;
@@ -454,7 +454,7 @@ fh_compose(struct svc_fh *fhp, struct svc_export *exp, struct dentry *dentry,
                fhp->fh_handle.ofh_dev =  old_encode_dev(ex_dev);
                fhp->fh_handle.ofh_xdev = fhp->fh_handle.ofh_dev;
                fhp->fh_handle.ofh_xino =
-                       ino_t_to_u32(exp->ex_dentry->d_inode->i_ino);
+                       ino_t_to_u32(exp->ex_path.dentry->d_inode->i_ino);
                fhp->fh_handle.ofh_dirino = ino_t_to_u32(parent_ino(dentry));
                if (inode)
                        _fh_update_old(dentry, exp, &fhp->fh_handle);
@@ -465,7 +465,7 @@ fh_compose(struct svc_fh *fhp, struct svc_export *exp, struct dentry *dentry,
                datap = fhp->fh_handle.fh_auth+0;
                fhp->fh_handle.fh_fsid_type = fsid_type;
                mk_fsid(fsid_type, datap, ex_dev,
-                       exp->ex_dentry->d_inode->i_ino,
+                       exp->ex_path.dentry->d_inode->i_ino,
                        exp->ex_fsid, exp->ex_uuid);
 
                len = key_len(fsid_type);
@@ -571,7 +571,7 @@ enum fsid_source fsid_source(struct svc_fh *fhp)
        case FSID_DEV:
        case FSID_ENCODE_DEV:
        case FSID_MAJOR_MINOR:
-               if (fhp->fh_export->ex_dentry->d_inode->i_sb->s_type->fs_flags
+               if (fhp->fh_export->ex_path.dentry->d_inode->i_sb->s_type->fs_flags
                    & FS_REQUIRES_DEV)
                        return FSIDSOURCE_DEV;
                break;