diff options
| author | J. Bruce Fields <bfields@redhat.com> | 2012-05-12 21:08:41 -0400 |
|---|---|---|
| committer | J. Bruce Fields <bfields@redhat.com> | 2012-05-31 20:29:51 -0400 |
| commit | ea236d0704b9b9e7742b107313bbdddbba62724a (patch) | |
| tree | 7740b9f39781f7efeb052c35fdfd395a28e1c9c3 /fs/nfsd | |
| parent | 2786cc3a056e642809a348d9b1e6a857b9d23d25 (diff) | |
nfsd4: exchange_id: check creds before killing confirmed client
We mustn't allow a client to destroy another client with established
state unless it has the right credential.
And some minor cleanup.
(Note: our comparison of credentials is actually pretty bogus currently;
that will need to be fixed in another patch.)
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Diffstat (limited to 'fs/nfsd')
| -rw-r--r-- | fs/nfsd/nfs4state.c | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c index aca84c942595..f372a6edef34 100644 --- a/fs/nfsd/nfs4state.c +++ b/fs/nfsd/nfs4state.c | |||
| @@ -1556,6 +1556,14 @@ nfsd4_exchange_id(struct svc_rqst *rqstp, | |||
| 1556 | status = nfserr_clid_inuse; /* XXX: ? */ | 1556 | status = nfserr_clid_inuse; /* XXX: ? */ |
| 1557 | goto out; | 1557 | goto out; |
| 1558 | } | 1558 | } |
| 1559 | if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) { | ||
| 1560 | /* 18.35.4 case 9 */ | ||
| 1561 | if (exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A) | ||
| 1562 | status = nfserr_perm; | ||
| 1563 | else /* case 3 */ | ||
| 1564 | status = nfserr_clid_inuse; | ||
| 1565 | goto out; | ||
| 1566 | } | ||
| 1559 | if (!same_verf(&verf, &conf->cl_verifier)) { | 1567 | if (!same_verf(&verf, &conf->cl_verifier)) { |
| 1560 | /* 18.35.4 case 8 */ | 1568 | /* 18.35.4 case 8 */ |
| 1561 | if (exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A) { | 1569 | if (exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A) { |
| @@ -1566,15 +1574,6 @@ nfsd4_exchange_id(struct svc_rqst *rqstp, | |||
| 1566 | expire_client(conf); | 1574 | expire_client(conf); |
| 1567 | goto out_new; | 1575 | goto out_new; |
| 1568 | } | 1576 | } |
| 1569 | if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) { | ||
| 1570 | /* 18.35.4 case 9 */ | ||
| 1571 | if (exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A) { | ||
| 1572 | status = nfserr_perm; | ||
| 1573 | goto out; | ||
| 1574 | } | ||
| 1575 | expire_client(conf); | ||
| 1576 | goto out_new; | ||
| 1577 | } | ||
| 1578 | /* | 1577 | /* |
| 1579 | * Set bit when the owner id and verifier map to an already | 1578 | * Set bit when the owner id and verifier map to an already |
| 1580 | * confirmed client id (18.35.3). | 1579 | * confirmed client id (18.35.3). |