[CIFS] Byte range unlock request to non-Unix server can unlock too much

On a mount without posix extensions enabled, when an unlock request is
made, the client can release more than is intended. To reproduce, on a
CIFS mount without posix extensions enabled:

1) open file
2) do fcntl lock: start=0 len=1
3) do fcntl lock: start=2 len=1
4) do fcntl unlock: start=0 len=1

...on the unlock call the client sends an unlock request to the server
for both locks. The problem is a bad test in cifs_lock.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
This commit is contained in:
Jeff Layton 2007-08-24 03:16:51 +00:00 committed by Steve French
parent 95ba736210
commit 39db810cb6
2 changed files with 6 additions and 2 deletions

View File

@ -6,7 +6,10 @@ done with "serverino" mount option). Add support for POSIX Unlink
Samba supports newer POSIX CIFS Protocol Extensions). Add "nounix"
mount option to allow disabling the CIFS Unix Extensions for just
that mount. Fix hang on spinlock in find_writable_file (race when
reopening file after session crash).
reopening file after session crash). Byte range unlock request to
windows server could unlock more bytes (on server copy of file)
than intended if start of unlock request is well before start of
a previous byte range lock that we issued.
Version 1.49
------------

View File

@ -767,7 +767,8 @@ int cifs_lock(struct file *file, int cmd, struct file_lock *pfLock)
mutex_lock(&fid->lock_mutex);
list_for_each_entry_safe(li, tmp, &fid->llist, llist) {
if (pfLock->fl_start <= li->offset &&
length >= li->length) {
(pflock->fl_start + length) >=
(li->offset + li->length)) {
stored_rc = CIFSSMBLock(xid, pTcon,
netfid,
li->length, li->offset,