From marck@woozle.rinet.ru  Fri Jan 29 12:15:01 2010
Return-Path: <marck@woozle.rinet.ru>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id EADBC106568B
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 29 Jan 2010 12:15:01 +0000 (UTC)
	(envelope-from marck@woozle.rinet.ru)
Received: from woozle.rinet.ru (woozle.rinet.ru [195.54.192.68])
	by mx1.freebsd.org (Postfix) with ESMTP id 6A8A68FC0A
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 29 Jan 2010 12:15:00 +0000 (UTC)
Received: from woozle.rinet.ru (localhost [127.0.0.1])
	by woozle.rinet.ru (8.14.3/8.14.3) with ESMTP id o0TCExKR012469
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 29 Jan 2010 15:14:59 +0300 (MSK)
	(envelope-from marck@woozle.rinet.ru)
Received: (from marck@localhost)
	by woozle.rinet.ru (8.14.3/8.14.3/Submit) id o0TCExr0012468;
	Fri, 29 Jan 2010 15:14:59 +0300 (MSK)
	(envelope-from marck)
Message-Id: <201001291214.o0TCExr0012468@woozle.rinet.ru>
Date: Fri, 29 Jan 2010 15:14:59 +0300 (MSK)
From: Dmitry Morozovsky <marck@freebsd.org>
Reply-To: Dmitry Morozovsky <marck@freebsd.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: ZFS: bug in sunlink flag on directories
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         143343
>Category:       kern
>Synopsis:       [zfs] bug in sunlink flag on directories
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pjd
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jan 29 12:20:09 UTC 2010
>Closed-Date:    Sat May 01 19:24:04 UTC 2010
>Last-Modified:  Wed May  5 09:10:01 UTC 2010
>Originator:     Dmitry Morozovsky
>Release:        FreeBSD 8-STABLE
>Organization:
Cronyx Plus LLC (RiNet ISP)
>Environment:
System: FreeBSD 8-STABLE 


>Description:

On UFS, [s]unlink flag set on a directory does NOT prevent from changing its
content, like creating new files or renaming existing.  On ZFS, these flags are
effectively equivalent to immutable.


>How-To-Repeat:

Script started on Fri Jan 29 15:02:57 2010
root@hamster:/var/tmp# echo this is ZFS
this is ZFS
root@hamster:/var/tmp# mkdir sunlnk-test
root@hamster:/var/tmp# cd !$
cd sunlnk-test
root@hamster:/var/tmp/sunlnk-test# mkdir test
root@hamster:/var/tmp/sunlnk-test# chflags sunlnk test
root@hamster:/var/tmp/sunlnk-test# echo 123 >test/testfile
root@hamster:/var/tmp/sunlnk-test# mv test/testfile test/testfile.new
mv: rename test/testfile to test/testfile.new: Operation not permitted
root@hamster:/var/tmp/sunlnk-test# exit
exit

Script done on Fri Jan 29 15:03:52 2010

Script started on Fri Jan 29 15:04:10 2010
root@hamster:/tmp# echo this is UFS
this is UFS
root@hamster:/tmp# mkdir test
root@hamster:/tmp# chflags sunlnk test
root@hamster:/tmp# echo 123 >test/testfile
root@hamster:/tmp# mv test/testfile test/testfile.new
root@hamster:/tmp# rm -rf test
rm: test: Operation not permitted
root@hamster:/tmp# ls -lao test
total 4
drwxr-xr-x  2 root  wheel  sunlnk 512 Jan 29 15:04 ./
drwxrwxrwt  8 root  wheel  -      512 Jan 29 15:04 ../
root@hamster:/tmp# exit
exit

Script done on Fri Jan 29 15:05:11 2010


>Fix:


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-fs 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Fri Jan 29 18:44:25 UTC 2010 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=143343 
Responsible-Changed-From-To: freebsd-fs->pjd 
Responsible-Changed-By: pjd 
Responsible-Changed-When: ptk 19 mar 2010 22:56:35 UTC 
Responsible-Changed-Why:  
I'll take this one. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=143343 
State-Changed-From-To: open->patched 
State-Changed-By: pjd 
State-Changed-When: czw 22 kwi 2010 18:47:43 UTC 
State-Changed-Why:  
Could you confirm that r207068 fixes the problem you reported? 

http://www.freebsd.org/cgi/query-pr.cgi?pr=143343 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/143343: commit references a PR
Date: Thu, 22 Apr 2010 18:47:38 +0000 (UTC)

 Author: pjd
 Date: Thu Apr 22 18:47:23 2010
 New Revision: 207068
 URL: http://svn.freebsd.org/changeset/base/207068
 
 Log:
   Allow to modify directory's content even if the ZFS_NOUNLINK (SF_NOUNLINK,
   sunlnk) flag is set. We only deny dirctory's removal or rename.
   
   PR:		kern/143343
   Reported by:	marck
   MFC after:	3 days
 
 Modified:
   head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_acl.c
 
 Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_acl.c
 ==============================================================================
 --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_acl.c	Thu Apr 22 18:44:23 2010	(r207067)
 +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_acl.c	Thu Apr 22 18:47:23 2010	(r207068)
 @@ -2235,11 +2235,24 @@ zfs_zaccess_common(znode_t *zp, uint32_t
  		return (EPERM);
  	}
  
 +#ifdef sun
  	if ((v4_mode & (ACE_DELETE | ACE_DELETE_CHILD)) &&
  	    (zp->z_phys->zp_flags & ZFS_NOUNLINK)) {
  		*check_privs = B_FALSE;
  		return (EPERM);
  	}
 +#else
 +	/*
 +	 * In FreeBSD we allow to modify directory's content is ZFS_NOUNLINK
 +	 * (sunlnk) is set. We just don't allow directory removal, which is
 +	 * handled in zfs_zaccess_delete().
 +	 */
 +	if ((v4_mode & ACE_DELETE) &&
 +	    (zp->z_phys->zp_flags & ZFS_NOUNLINK)) {
 +		*check_privs = B_FALSE;
 +		return (EPERM);
 +	}
 +#endif
  
  	if (((v4_mode & (ACE_READ_DATA|ACE_EXECUTE)) &&
  	    (zp->z_phys->zp_flags & ZFS_AV_QUARANTINED))) {
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 

From: Dmitry Morozovsky <marck@FreeBSD.org>
To: Pawel Jakub Dawidek <pjd@FreeBSD.org>
Cc: FreeBSD-gnats-submit@FreeBSD.org
Subject: Re: kern/143343: [zfs] bug in sunlink flag on directories
Date: Fri, 23 Apr 2010 17:07:24 +0400 (MSD)

 On Thu, 22 Apr 2010, pjd@FreeBSD.org wrote:
 
 > Could you confirm that r207068 fixes the problem you reported?
 
 Yes, I can confirm it works up to stable/7
 
 Thank you!
 
 -- 
 Sincerely,
 D.Marck                                        [DM5020, MCK-RIPE, DM3-RIPN]
 ---------------------------------------------------------------------------
 *** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck@FreeBSD.org ***
 ---------------------------------------------------------------------------

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/143343: commit references a PR
Date: Sat,  1 May 2010 19:00:48 +0000 (UTC)

 Author: pjd
 Date: Sat May  1 19:00:33 2010
 New Revision: 207477
 URL: http://svn.freebsd.org/changeset/base/207477
 
 Log:
   MFC r207068,r207334:
   
   r207068:
   
   Allow to modify directory's content even if the ZFS_NOUNLINK (SF_NOUNLINK,
   sunlnk) flag is set. We only deny dirctory's removal or rename.
   
   PR:		kern/143343
   Reported by:	marck
   
   r207334:
   
   Backport fix for 'zfs_znode_dmu_init: existing znode for dbuf' panic from OpenSolaris.
   
   PR:		kern/144402
   Reported by:	Alex Bakhtin <alex.bakhtin@gmail.com>
   Tested by:	Alex Bakhtin <alex.bakhtin@gmail.com>
   Obtained from:	OpenSolaris, Bug ID 6895088
 
 Modified:
   stable/8/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_acl.c
   stable/8/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_znode.c
 Directory Properties:
   stable/8/sys/   (props changed)
   stable/8/sys/amd64/include/xen/   (props changed)
   stable/8/sys/cddl/contrib/opensolaris/   (props changed)
   stable/8/sys/contrib/dev/acpica/   (props changed)
   stable/8/sys/contrib/pf/   (props changed)
   stable/8/sys/dev/xen/xenpci/   (props changed)
   stable/8/sys/geom/sched/   (props changed)
 
 Modified: stable/8/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_acl.c
 ==============================================================================
 --- stable/8/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_acl.c	Sat May  1 18:56:45 2010	(r207476)
 +++ stable/8/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_acl.c	Sat May  1 19:00:33 2010	(r207477)
 @@ -2235,11 +2235,24 @@ zfs_zaccess_common(znode_t *zp, uint32_t
  		return (EPERM);
  	}
  
 +#ifdef sun
  	if ((v4_mode & (ACE_DELETE | ACE_DELETE_CHILD)) &&
  	    (zp->z_phys->zp_flags & ZFS_NOUNLINK)) {
  		*check_privs = B_FALSE;
  		return (EPERM);
  	}
 +#else
 +	/*
 +	 * In FreeBSD we allow to modify directory's content is ZFS_NOUNLINK
 +	 * (sunlnk) is set. We just don't allow directory removal, which is
 +	 * handled in zfs_zaccess_delete().
 +	 */
 +	if ((v4_mode & ACE_DELETE) &&
 +	    (zp->z_phys->zp_flags & ZFS_NOUNLINK)) {
 +		*check_privs = B_FALSE;
 +		return (EPERM);
 +	}
 +#endif
  
  	if (((v4_mode & (ACE_READ_DATA|ACE_EXECUTE)) &&
  	    (zp->z_phys->zp_flags & ZFS_AV_QUARANTINED))) {
 
 Modified: stable/8/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_znode.c
 ==============================================================================
 --- stable/8/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_znode.c	Sat May  1 18:56:45 2010	(r207476)
 +++ stable/8/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_znode.c	Sat May  1 19:00:33 2010	(r207477)
 @@ -704,6 +704,8 @@ zfs_mknode(znode_t *dzp, vattr_t *vap, d
  			    DMU_OT_ZNODE, sizeof (znode_phys_t) + bonuslen, tx);
  		}
  	}
 +
 +	ZFS_OBJ_HOLD_ENTER(zfsvfs, obj);
  	VERIFY(0 == dmu_bonus_hold(zfsvfs->z_os, obj, NULL, &db));
  	dmu_buf_will_dirty(db, tx);
  
 @@ -765,9 +767,7 @@ zfs_mknode(znode_t *dzp, vattr_t *vap, d
  
  	pzp->zp_mode = MAKEIMODE(vap->va_type, vap->va_mode);
  	if (!(flag & IS_ROOT_NODE)) {
 -		ZFS_OBJ_HOLD_ENTER(zfsvfs, obj);
  		*zpp = zfs_znode_alloc(zfsvfs, db, 0);
 -		ZFS_OBJ_HOLD_EXIT(zfsvfs, obj);
  	} else {
  		/*
  		 * If we are creating the root node, the "parent" we
 @@ -776,6 +776,7 @@ zfs_mknode(znode_t *dzp, vattr_t *vap, d
  		*zpp = dzp;
  	}
  	zfs_perm_init(*zpp, dzp, flag, vap, tx, cr, setaclp, fuidp);
 +	ZFS_OBJ_HOLD_EXIT(zfsvfs, obj);
  	if (!(flag & IS_ROOT_NODE)) {
  		vnode_t *vp;
  
 @@ -939,19 +940,31 @@ again:
  
  	/*
  	 * Not found create new znode/vnode
 +	 * but only if file exists.
 +	 *
 +	 * There is a small window where zfs_vget() could
 +	 * find this object while a file create is still in
 +	 * progress.  Since a gen number can never be zero
 +	 * we will check that to determine if its an allocated
 +	 * file.
  	 */
 -	zp = zfs_znode_alloc(zfsvfs, db, doi.doi_data_block_size);
 -
 -	vp = ZTOV(zp);
 -	vp->v_vflag |= VV_FORCEINSMQ;
 -	err = insmntque(vp, zfsvfs->z_vfs);
 -	vp->v_vflag &= ~VV_FORCEINSMQ;
 -	KASSERT(err == 0, ("insmntque() failed: error %d", err));
 -	VOP_UNLOCK(vp, 0);
  
 +	if (((znode_phys_t *)db->db_data)->zp_gen != 0) {
 +		zp = zfs_znode_alloc(zfsvfs, db, doi.doi_data_block_size);
 +		*zpp = zp;
 +		vp = ZTOV(zp);
 +		vp->v_vflag |= VV_FORCEINSMQ;
 +		err = insmntque(vp, zfsvfs->z_vfs);
 +		vp->v_vflag &= ~VV_FORCEINSMQ;
 +		KASSERT(err == 0, ("insmntque() failed: error %d", err));
 +		VOP_UNLOCK(vp, 0);
 +		err = 0;
 +	} else {
 +		dmu_buf_rele(db, NULL);
 +		err = ENOENT;
 +	}
  	ZFS_OBJ_HOLD_EXIT(zfsvfs, obj_num);
 -	*zpp = zp;
 -	return (0);
 +	return (err);
  }
  
  int
 @@ -1440,6 +1453,7 @@ zfs_create_fs(objset_t *os, cred_t *cr, 
  	uint64_t	norm = 0;
  	nvpair_t	*elem;
  	int		error;
 +	int		i;
  	znode_t		*rootzp = NULL;
  	vnode_t		vnode;
  	vattr_t		vattr;
 @@ -1537,6 +1551,9 @@ zfs_create_fs(objset_t *os, cred_t *cr, 
  	list_create(&zfsvfs.z_all_znodes, sizeof (znode_t),
  	    offsetof(znode_t, z_link_node));
  
 +	for (i = 0; i != ZFS_OBJ_MTX_SZ; i++)
 +		mutex_init(&zfsvfs.z_hold_mtx[i], NULL, MUTEX_DEFAULT, NULL);
 +
  	ASSERT(!POINTER_IS_VALID(rootzp->z_zfsvfs));
  	rootzp->z_zfsvfs = &zfsvfs;
  	zfs_mknode(rootzp, &vattr, tx, cr, IS_ROOT_NODE, &zp, 0, NULL, NULL);
 @@ -1547,6 +1564,8 @@ zfs_create_fs(objset_t *os, cred_t *cr, 
  
  	dmu_buf_rele(rootzp->z_dbuf, NULL);
  	rootzp->z_dbuf = NULL;
 +	for (i = 0; i != ZFS_OBJ_MTX_SZ; i++)
 +		mutex_destroy(&zfsvfs.z_hold_mtx[i]);
  	mutex_destroy(&zfsvfs.z_znodes_lock);
  	rootzp->z_vnode = NULL;
  	kmem_cache_free(znode_cache, rootzp);
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: patched->closed 
State-Changed-By: pjd 
State-Changed-When: sob 1 maj 2010 19:23:38 UTC 
State-Changed-Why:  
Fix MFCed to stable/8. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=143343 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/143343: commit references a PR
Date: Wed,  5 May 2010 09:01:24 +0000 (UTC)

 Author: marck (doc committer)
 Date: Wed May  5 09:01:15 2010
 New Revision: 207653
 URL: http://svn.freebsd.org/changeset/base/207653
 
 Log:
   MFC  r207068:
   
     Allow to modify directory's content even if the ZFS_NOUNLINK (SF_NOUNLINK,
     sunlnk) flag is set. We only deny dirctory's removal or rename.
   
     PR:           kern/143343
     Approved by:	pjd
 
 Modified:
   stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_acl.c
 Directory Properties:
   stable/7/sys/   (props changed)
   stable/7/sys/cddl/contrib/opensolaris/   (props changed)
   stable/7/sys/contrib/dev/acpica/   (props changed)
   stable/7/sys/contrib/pf/   (props changed)
 
 Modified: stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_acl.c
 ==============================================================================
 --- stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_acl.c	Wed May  5 08:58:58 2010	(r207652)
 +++ stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_acl.c	Wed May  5 09:01:15 2010	(r207653)
 @@ -2227,11 +2227,24 @@ zfs_zaccess_common(znode_t *zp, uint32_t
  		return (EPERM);
  	}
  
 +#ifdef sun
  	if ((v4_mode & (ACE_DELETE | ACE_DELETE_CHILD)) &&
  	    (zp->z_phys->zp_flags & ZFS_NOUNLINK)) {
  		*check_privs = B_FALSE;
  		return (EPERM);
  	}
 +#else
 +	/*
 +	 * In FreeBSD we allow to modify directory's content is ZFS_NOUNLINK
 +	 * (sunlnk) is set. We just don't allow directory removal, which is
 +	 * handled in zfs_zaccess_delete().
 +	 */
 +	if ((v4_mode & ACE_DELETE) &&
 +	    (zp->z_phys->zp_flags & ZFS_NOUNLINK)) {
 +		*check_privs = B_FALSE;
 +		return (EPERM);
 +	}
 +#endif
  
  	if (((v4_mode & (ACE_READ_DATA|ACE_EXECUTE)) &&
  	    (zp->z_phys->zp_flags & ZFS_AV_QUARANTINED))) {
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
>Unformatted:
