From 10dcd5110678c6b241bbcf062f72ea14fb3597f3 Mon Sep 17 00:00:00 2001 From: Jeff Layton Date: Wed, 7 Jan 2026 09:20:09 -0500 Subject: [PATCH 1/6] nfs: properly disallow delegation requests on directories Checking for S_ISREG() in nfs4_setlease() is incorrect, since that op is never called for directories. The right way to deny lease requests on directories is to set the ->setlease() operation to simple_nosetlease() in the directory file_operations. Fixes: e6d28ebc17eb ("filelock: push the S_ISREG check down to ->setlease handlers") Reported-by: Christoph Hellwig Closes: https://lore.kernel.org/linux-fsdevel/aV316LhsVSl0n9-E@infradead.org/ Signed-off-by: Jeff Layton Link: https://patch.msgid.link/20260107-setlease-6-19-v1-1-85f034abcc57@kernel.org Tested-by: Christoph Hellwig Signed-off-by: Christian Brauner --- fs/nfs/dir.c | 1 + fs/nfs/nfs4file.c | 2 -- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c index 23a78a742b61..71df279febf7 100644 --- a/fs/nfs/dir.c +++ b/fs/nfs/dir.c @@ -66,6 +66,7 @@ const struct file_operations nfs_dir_operations = { .open = nfs_opendir, .release = nfs_closedir, .fsync = nfs_fsync_dir, + .setlease = simple_nosetlease, }; const struct address_space_operations nfs_dir_aops = { diff --git a/fs/nfs/nfs4file.c b/fs/nfs/nfs4file.c index 7317f26892c5..7f43e890d356 100644 --- a/fs/nfs/nfs4file.c +++ b/fs/nfs/nfs4file.c @@ -431,8 +431,6 @@ void nfs42_ssc_unregister_ops(void) static int nfs4_setlease(struct file *file, int arg, struct file_lease **lease, void **priv) { - if (!S_ISREG(file_inode(file)->i_mode)) - return -EINVAL; return nfs4_proc_setlease(file, arg, lease, priv); } From b9a9be4d3557b97303ac6c8b5e153b7ef569d886 Mon Sep 17 00:00:00 2001 From: Jeff Layton Date: Wed, 7 Jan 2026 09:20:10 -0500 Subject: [PATCH 2/6] smb/client: properly disallow delegations on directories The check for S_ISREG() in cifs_setlease() is incorrect since that operation doesn't get called for directories. The correct way to prevent delegations on directories is to set the ->setlease() method in directory file_operations to simple_nosetlease(). Fixes: e6d28ebc17eb ("filelock: push the S_ISREG check down to ->setlease handlers") Signed-off-by: Jeff Layton Link: https://patch.msgid.link/20260107-setlease-6-19-v1-2-85f034abcc57@kernel.org Signed-off-by: Christian Brauner --- fs/smb/client/cifsfs.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/fs/smb/client/cifsfs.c b/fs/smb/client/cifsfs.c index d9664634144d..a3dc7cb1ab54 100644 --- a/fs/smb/client/cifsfs.c +++ b/fs/smb/client/cifsfs.c @@ -1149,9 +1149,6 @@ cifs_setlease(struct file *file, int arg, struct file_lease **lease, void **priv struct inode *inode = file_inode(file); struct cifsFileInfo *cfile = file->private_data; - if (!S_ISREG(inode->i_mode)) - return -EINVAL; - /* Check if file is oplocked if this is request for new lease */ if (arg == F_UNLCK || ((arg == F_RDLCK) && CIFS_CACHE_READ(CIFS_I(inode))) || @@ -1712,6 +1709,7 @@ const struct file_operations cifs_dir_ops = { .remap_file_range = cifs_remap_file_range, .llseek = generic_file_llseek, .fsync = cifs_dir_fsync, + .setlease = simple_nosetlease, }; static void From 5d65a70bd0437d2a7762164eb5015f6975937986 Mon Sep 17 00:00:00 2001 From: Jeff Layton Date: Wed, 7 Jan 2026 09:20:11 -0500 Subject: [PATCH 3/6] 9p: don't allow delegations to be set on directories With the advent of directory leases, it's necessary to set the ->setlease() handler in directory file_operations to properly deny them. Fixes: e6d28ebc17eb ("filelock: push the S_ISREG check down to ->setlease handlers") Signed-off-by: Jeff Layton Link: https://patch.msgid.link/20260107-setlease-6-19-v1-3-85f034abcc57@kernel.org Signed-off-by: Christian Brauner --- fs/9p/vfs_dir.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fs/9p/vfs_dir.c b/fs/9p/vfs_dir.c index e0d34e4e9076..af7f72abbb76 100644 --- a/fs/9p/vfs_dir.c +++ b/fs/9p/vfs_dir.c @@ -242,6 +242,7 @@ const struct file_operations v9fs_dir_operations = { .iterate_shared = v9fs_dir_readdir, .open = v9fs_file_open, .release = v9fs_dir_release, + .setlease = simple_nosetlease, }; const struct file_operations v9fs_dir_operations_dotl = { @@ -251,4 +252,5 @@ const struct file_operations v9fs_dir_operations_dotl = { .open = v9fs_file_open, .release = v9fs_dir_release, .fsync = v9fs_file_fsync_dotl, + .setlease = simple_nosetlease, }; From ce946c4fb98c95519ee39ab7d4b117ff15f09efa Mon Sep 17 00:00:00 2001 From: Jeff Layton Date: Wed, 7 Jan 2026 09:20:12 -0500 Subject: [PATCH 4/6] gfs2: don't allow delegations to be set on directories With the advent of directory leases, it's necessary to set the ->setlease() handler in directory file_operations to properly deny them. In the "nolock" case however, there is no need to deny them. Fixes: e6d28ebc17eb ("filelock: push the S_ISREG check down to ->setlease handlers") Signed-off-by: Jeff Layton Link: https://patch.msgid.link/20260107-setlease-6-19-v1-4-85f034abcc57@kernel.org Signed-off-by: Christian Brauner --- fs/gfs2/file.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/gfs2/file.c b/fs/gfs2/file.c index b2d23c98c996..86376f0dbf3a 100644 --- a/fs/gfs2/file.c +++ b/fs/gfs2/file.c @@ -1608,6 +1608,7 @@ const struct file_operations gfs2_dir_fops = { .lock = gfs2_lock, .flock = gfs2_flock, .llseek = default_llseek, + .setlease = simple_nosetlease, .fop_flags = FOP_ASYNC_LOCK, }; From ffb321045b0f1cd8bcea215269fbaa17c12da038 Mon Sep 17 00:00:00 2001 From: Jeff Layton Date: Wed, 7 Jan 2026 09:20:13 -0500 Subject: [PATCH 5/6] ceph: don't allow delegations to be set on directories With the advent of directory leases, it's necessary to set the ->setlease() handler in directory file_operations to properly deny them. Fixes: e6d28ebc17eb ("filelock: push the S_ISREG check down to ->setlease handlers") Signed-off-by: Jeff Layton Link: https://patch.msgid.link/20260107-setlease-6-19-v1-5-85f034abcc57@kernel.org Reviewed-by: Viacheslav Dubeyko Signed-off-by: Christian Brauner --- fs/ceph/dir.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c index 86d7aa594ea9..804588524cd5 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c @@ -2214,6 +2214,7 @@ const struct file_operations ceph_dir_fops = { .fsync = ceph_fsync, .lock = ceph_lock, .flock = ceph_flock, + .setlease = simple_nosetlease, }; const struct file_operations ceph_snapdir_fops = { @@ -2221,6 +2222,7 @@ const struct file_operations ceph_snapdir_fops = { .llseek = ceph_dir_llseek, .open = ceph_open, .release = ceph_release, + .setlease = simple_nosetlease, }; const struct inode_operations ceph_dir_iops = { From 8a5511eeaa5c4e5c2be6209abe549302b70311b0 Mon Sep 17 00:00:00 2001 From: Jeff Layton Date: Wed, 7 Jan 2026 09:20:14 -0500 Subject: [PATCH 6/6] vboxsf: don't allow delegations to be set on directories With the advent of directory leases, it's necessary to set the ->setlease() handler in directory file_operations to properly deny them. Fixes: e6d28ebc17eb ("filelock: push the S_ISREG check down to ->setlease handlers") Signed-off-by: Jeff Layton Link: https://patch.msgid.link/20260107-setlease-6-19-v1-6-85f034abcc57@kernel.org Signed-off-by: Christian Brauner --- fs/vboxsf/dir.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/vboxsf/dir.c b/fs/vboxsf/dir.c index 42bedc4ec7af..230d7589d15c 100644 --- a/fs/vboxsf/dir.c +++ b/fs/vboxsf/dir.c @@ -186,6 +186,7 @@ const struct file_operations vboxsf_dir_fops = { .release = vboxsf_dir_release, .read = generic_read_dir, .llseek = generic_file_llseek, + .setlease = simple_nosetlease, }; /*