lk/linux-kernel-test
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

nfsd4: backchannel should use client-provided security flavor

Browse Source 
For now this only adds support for AUTH_NULL.  (Previously we assumed
AUTH_UNIX.)  We'll also need AUTH_GSS, which is trickier.

Signed-off-by: J. Bruce Fields <bfields@redhat.com>
This commit is contained in:
J. Bruce Fields
2012-11-05 16:01:48 -05:00
parent 57725155dc
commit 12fc3e92d4
3 changed files with 13 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
fs/nfsd/nfs4callback.c
View File

@@ -692,7 +692,7 @@ static int setup_callback_client(struct nfs4_client *clp, struct nfs4_cb_conn *c
args.bc_xprt = conn->cb_xprt; args.bc_xprt = conn->cb_xprt;
args.prognumber = clp->cl_cb_session->se_cb_prog; args.prognumber = clp->cl_cb_session->se_cb_prog;
args.protocol = XPRT_TRANSPORT_BC_TCP; args.protocol = XPRT_TRANSPORT_BC_TCP;
args.authflavor = RPC_AUTH_UNIX; args.authflavor = ses->se_cb_sec.flavor;
} }
/* Create RPC client */ /* Create RPC client */
client = rpc_create(&args); client = rpc_create(&args);
@@ -709,7 +709,6 @@ static int setup_callback_client(struct nfs4_client *clp, struct nfs4_cb_conn *c
clp->cl_cb_client = client; clp->cl_cb_client = client;
clp->cl_cb_cred = cred; clp->cl_cb_cred = cred;
return 0; return 0;
} }
static void warn_no_callback_path(struct nfs4_client *clp, int reason) static void warn_no_callback_path(struct nfs4_client *clp, int reason)

14
fs/nfsd/nfs4xdr.c
View File

@@ -425,7 +425,7 @@ nfsd4_decode_access(struct nfsd4_compoundargs *argp, struct nfsd4_access *access
static __be32 nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_cb_sec *cbs) static __be32 nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_cb_sec *cbs)
{ {
DECODE_HEAD; DECODE_HEAD;
u32 dummy; u32 dummy, uid, gid;
char *machine_name; char *machine_name;
int i; int i;
int nr_secflavs; int nr_secflavs;
@@ -433,12 +433,15 @@ static __be32 nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_
/* callback_sec_params4 */ /* callback_sec_params4 */
READ_BUF(4); READ_BUF(4);
READ32(nr_secflavs); READ32(nr_secflavs);
cbs->flavor = (u32)(-1);
for (i = 0; i < nr_secflavs; ++i) { for (i = 0; i < nr_secflavs; ++i) {
READ_BUF(4); READ_BUF(4);
READ32(dummy); READ32(dummy);
switch (dummy) { switch (dummy) {
case RPC_AUTH_NULL: case RPC_AUTH_NULL:
/* Nothing to read */ /* Nothing to read */
if (cbs->flavor == (u32)(-1))
cbs->flavor = RPC_AUTH_NULL;
break; break;
case RPC_AUTH_UNIX: case RPC_AUTH_UNIX:
READ_BUF(8); READ_BUF(8);
@@ -452,13 +455,18 @@ static __be32 nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_
/* uid, gid */ /* uid, gid */
READ_BUF(8); READ_BUF(8);
READ32(cbs->uid); READ32(uid);
READ32(cbs->gid); READ32(gid);
/* more gids */ /* more gids */
READ_BUF(4); READ_BUF(4);
READ32(dummy); READ32(dummy);
READ_BUF(dummy * 4); READ_BUF(dummy * 4);
if (cbs->flavor == (u32)(-1)) {
cbs->uid = uid;
cbs->gid = gid;
cbs->flavor = RPC_AUTH_UNIX;
}
break; break;
case RPC_AUTH_GSS: case RPC_AUTH_GSS:
dprintk("RPC_AUTH_GSS callback secflavor " dprintk("RPC_AUTH_GSS callback secflavor "

1
fs/nfsd/state.h
View File

@@ -151,6 +151,7 @@ struct nfsd4_channel_attrs {
}; };
struct nfsd4_cb_sec { struct nfsd4_cb_sec {
u32 flavor; /* (u32)(-1) used to mean "no valid flavor" */
u32 uid; u32 uid;
u32 gid; u32 gid;
}; };