Commit 64e78755 authored by Namjae Jeon's avatar Namjae Jeon Committed by Steve French
Browse files

ksmbd: fix oops from fuse driver 



Marios reported kernel oops from fuse driver when ksmbd call
mark_inode_dirty(). This patch directly update ->i_ctime after removing
mark_inode_ditry() and notify_change will put inode to dirty list.

Cc: Tom Talpey <tom@talpey.com>
Cc: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Cc: Ralph Böhme <slow@samba.org>
Cc: Hyunchul Lee <hyc.lee@gmail.com>
Reported-by: default avatarMarios Makassikis <mmakassikis@freebox.fr>
Tested-by: default avatarMarios Makassikis <mmakassikis@freebox.fr>
Acked-by: default avatarHyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: default avatarNamjae Jeon <linkinjeon@kernel.org>
Signed-off-by: default avatarSteve French <stfrench@microsoft.com>
parent 2db72604

fs/ksmbd/smb2pdu.c

+6 −11
Original line number Diff line number Diff line
@@ -5483,7 +5483,6 @@ static int set_file_basic_info(struct ksmbd_file *fp, 
			       struct ksmbd_share_config *share)

{

	struct iattr attrs;

	struct timespec64 ctime;

	struct file *filp;

	struct inode *inode;

	struct user_namespace *user_ns;
@@ -5505,13 +5504,11 @@ static int set_file_basic_info(struct ksmbd_file *fp, 
		attrs.ia_valid |= (ATTR_ATIME | ATTR_ATIME_SET);

	}



	if (file_info->ChangeTime) {

		attrs.ia_ctime = ksmbd_NTtimeToUnix(file_info->ChangeTime);

		ctime = attrs.ia_ctime;

	attrs.ia_valid |= ATTR_CTIME;

	} else {

		ctime = inode->i_ctime;

	}

	if (file_info->ChangeTime)

		attrs.ia_ctime = ksmbd_NTtimeToUnix(file_info->ChangeTime);

	else

		attrs.ia_ctime = inode->i_ctime;



	if (file_info->LastWriteTime) {

		attrs.ia_mtime = ksmbd_NTtimeToUnix(file_info->LastWriteTime);
@@ -5557,11 +5554,9 @@ static int set_file_basic_info(struct ksmbd_file *fp, 
			return -EACCES;



		inode_lock(inode);

		inode->i_ctime = attrs.ia_ctime;

		attrs.ia_valid &= ~ATTR_CTIME;

		rc = notify_change(user_ns, dentry, &attrs, NULL);

		if (!rc) {

			inode->i_ctime = ctime;

			mark_inode_dirty(inode);

		}

		inode_unlock(inode);

	}

	return rc;