Bug 735477 - nfs4_getfacl decoding causes kernel oops
Summary: nfs4_getfacl decoding causes kernel oops
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kernel
Version: 5.8
Hardware: All
OS: Linux
unspecified
high
Target Milestone: rc
Assignee: Steve Dickson
QA Contact: Jian Li
URL:
Whiteboard:
Depends On: 723650
Blocks:
 
Reported: 2011-09-02 18:23 UTC by Steve Dickson
Modified: 2014-03-04 00:07 UTC

Fixed In Version: kernel-2.6.18-289.el5
Doc Type: Bug Fix
Doc Text:
Clone Of: 723650
Environment:
Last Closed: 2012-02-21 03:55:06 UTC
Target Upstream Version:
Embargoed:




Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2012:0150 0 normal SHIPPED_LIVE Moderate: Red Hat Enterprise Linux 5.8 kernel update 2012-02-21 07:35:24 UTC

Description Steve Dickson 2011-09-02 18:23:24 UTC
+++ This bug was initially created as a clone of Bug #723650 +++

Description of problem:  nfs4_getfacl decoding causes a kernel Oops when a server, for instance OnTap C-Mode, returns more than 2 GETATTR bitmap words in response to the FATTR4_ACL attribute request.

NOTE: While the NFS client only asks for one attribute (FATTR4_ACL) in the first bitmap word, the NFSv4 protocol allows for the server to return unbounded bitmaps, so the server returning more than two bitmap words (C-Mode OnTap returns 3, the last two being zero) is not a server bug.

Version-Release number of selected component (if applicable): All active NFS clients are affected. (RHEL5 RHEL6...)


How reproducible: 100% with OnTap C-Mode, or other server that returns more than 2 GETATTR FATTR4_ACL bitmap words.


Steps to Reproduce:
1. Mount C-Mode OnTap
2. run nfs4_getfacl on an exported file
3.
  
Actual results:

Either Kernel Oops in xdr_shrink_bufhead() BUG_ON, or a segmentation fault in libc. The ACL is not displayed.


Expected results:

The ACL should be displayed.


Additional info:

There is a fix for RHEL6:

commit e5012d1f3861d18c7f3814e757c1c3ab3741dbcd
Author: Andy Adamson <andros>
Date:   Mon Jul 11 17:17:42 2011 -0400

--- Additional comment from pm-rhel on 2011-07-20 14:39:45 EDT ---

This request was evaluated by Red Hat Product Management for inclusion
in a Red Hat Enterprise Linux maintenance release. Product Management has 
requested further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed 
products. This request is not yet committed for inclusion in an Update release.

--- Additional comment from pm-rhel on 2011-07-20 15:31:31 EDT ---

This bugzilla has Keywords: Regression or TestBlocker.

Since no regressions or test blockers are allowed between releases,
it is also being [proposed|marked] as a blocker for this release.

Please resolve ASAP.

--- Additional comment from kmcmartin on 2011-07-20 15:51:32 EDT ---

Shuffling to POST.

--- Additional comment from kmcmartin on 2011-07-27 09:16:07 EDT ---

Patch(es) available on kernel-2.6.32-172.el6

--- Additional comment from kmcmartin on 2011-07-27 09:17:15 EDT ---

List of patches present on kernel-2.6.32-172.el6:
Related patch: http://patchwork.usersys.redhat.com/patch/37799
Related patch: http://patchwork.usersys.redhat.com/patch/37803
Related patch: http://patchwork.usersys.redhat.com/patch/37800
Related patch: http://patchwork.usersys.redhat.com/patch/37801

--- Additional comment from jiali on 2011-07-31 22:43:31 EDT ---

set qa_ack+, according to Andy's Description.

--- Additional comment from errata-xmlrpc on 2011-08-11 15:31:36 EDT ---

Bug report changed to ON_QA status by Errata System.
A QE request has been submitted for advisory RHBA-2011:11485-02
http://errata.devel.redhat.com/errata/show/11485

--- Additional comment from errata-xmlrpc on 2011-08-11 15:31:38 EDT ---

Bug report changed to ON_QA status by Errata System.
A QE request has been submitted for advisory RHBA-2011:11485-02
http://errata.devel.redhat.com/errata/show/11485

--- Additional comment from jiali on 2011-08-22 23:08:23 EDT ---

Hi Steve,
Could you please tell me how to set up an environment to test this bug? I don't understand "server that returns more than 2 GETATTR FATTR4_ACL bitmap words" without NETAPP's support?
Can we add xattr manually to create a second ATTR4_ACL data?

Thanks

--- Additional comment from androsadamson on 2011-09-02 13:44:58 EDT ---

You could test using pynfs4.1 by ensuring that the pynfs4.1 server returns a 3 word bitmap to the GETATTR FATTR4_ACL return with the second two bitmap words set to zero. This will trigger the bug.

-->Andy
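
The variable-length bitmap described in this report, as an added example (it is not the kernel patch and not code from this bug): a user-space C decoder that walks a bitmap4 of any word count and measures where the attribute data starts instead of estimating it from a fixed-size header. The function names and the sample reply bytes (a 3-word bitmap with the last two words zero, as in the pynfs test described above) are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define FATTR4_ACL_BIT 12u /* FATTR4_ACL is attribute 12, i.e. bit 12 of word 0 */

/* Constructed sample: 3-word bitmap4 (ACL bit, 0, 0), then an 8-byte attribute blob. */
static const uint8_t sample[] = {
    0,0,0,3,  0,0,0x10,0,  0,0,0,0,  0,0,0,0,   /* count=3, words 0..2 */
    0,0,0,8,  0,0,0,1, 0,0,0,0 };               /* attr length=8, placeholder data */

/* Read one big-endian XDR uint32 at *off; -1 if the buffer is too short. */
static int xdr_u32(const uint8_t *b, size_t len, size_t *off, uint32_t *out)
{
    if (len < 4 || *off > len - 4)
        return -1;
    b += *off;
    *out = ((uint32_t)b[0] << 24) | ((uint32_t)b[1] << 16) | ((uint32_t)b[2] << 8) | b[3];
    *off += 4;
    return 0;
}

/* Locate the attribute data that follows a bitmap4 of any length.
 * Returns 0 and sets *data_off / *data_len, or -1 on a malformed reply. */
static int find_acl_data(const uint8_t *b, size_t len, size_t *data_off, uint32_t *data_len)
{
    size_t off = 0;
    uint32_t count, word, word0 = 0;
    if (xdr_u32(b, len, &off, &count) || count > (len - off) / 4)
        return -1;                      /* word count must fit in the bytes received */
    for (uint32_t i = 0; i < count; i++) {
        if (xdr_u32(b, len, &off, &word))
            return -1;
        if (i == 0)
            word0 = word;               /* later words are consumed, not assumed absent */
    }
    if (!(word0 & (1u << FATTR4_ACL_BIT)))
        return -1;                      /* server did not return the ACL attribute */
    if (xdr_u32(b, len, &off, data_len) || *data_len > len - off)
        return -1;                      /* attribute length must fit too */
    *data_off = off;                    /* measured, not estimated from a fixed header */
    return 0;
}

int main(void)
{
    size_t off; uint32_t n;
    if (find_acl_data(sample, sizeof sample, &off, &n) == 0)
        printf("ACL data at offset %zu, %u bytes\n", off, (unsigned)n);
    return 0;
}
```

With the 3-word sample the data starts at byte 20; a decoder that sized the header for two bitmap words would look 4 bytes early.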

Comment 2 RHEL Program Management 2011-09-02 18:39:36 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.

Comment 3 Jeff Layton 2011-10-10 15:50:15 UTC
Note that I did not officially NAK this patch, but I have a hard time understanding how this is a real fix for anything. I asked a question in the rhel6 version of this BZ:

https://bugzilla.redhat.com/show_bug.cgi?id=723650#c13

...until that's answered, I can't ack this patch.

Comment 5 Jarod Wilson 2011-10-14 18:30:07 UTC
Patch(es) available in kernel-2.6.18-289.el5
You can download this test kernel (or newer) from http://people.redhat.com/jwilson/el5
Detailed testing feedback is always welcomed.

Comment 7 errata-xmlrpc 2012-02-21 03:55:06 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2012-0150.html

