Gitweb:     
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6fa02839bf9412e18e773d04e96182b4cd0b5d57
Commit:     6fa02839bf9412e18e773d04e96182b4cd0b5d57
Parent:     ac8587dcb58e40dd336d99d60f852041e06cc3dd
Author:     J. Bruce Fields <[EMAIL PROTECTED]>
AuthorDate: Mon Nov 12 16:05:03 2007 -0500
Committer:  Linus Torvalds <[EMAIL PROTECTED]>
CommitDate: Mon Nov 12 14:28:08 2007 -0800

    nfsd4: recheck for secure ports in fh_verify
    
    As with commit 7fc90ec93a5eb71f4b08403baf5ba7176b3ec6b1 ("knfsd: nfsd:
    call nfsd_setuser() on fh_compose(), fix nfsd4 permissions problem")
    this is a case where we need to redo a security check in fh_verify()
    even though the filehandle already has an associated dentry--if the
    filehandle was created by fh_compose() in an earlier operation of the
    nfsv4 compound, then we may not have done these checks yet.
    
    Without this fix it is possible, for example, to traverse from an export
    without the secure ports requirement to one with it in a single
    compound, and bypass the secure port check on the new export.
    
    While we're here, fix up some minor style problems and change a printk()
    to a dprintk(), to make it harder for random unprivileged users to spam
    the logs.
    
    Signed-off-by: J. Bruce Fields <[EMAIL PROTECTED]>
    Reviewed-By: NeilBrown <[EMAIL PROTECTED]>
    Signed-off-by: Linus Torvalds <[EMAIL PROTECTED]>
---
 fs/nfsd/nfsfh.c |   43 ++++++++++++++++++++++++++-----------------
 1 files changed, 26 insertions(+), 17 deletions(-)

diff --git a/fs/nfsd/nfsfh.c b/fs/nfsd/nfsfh.c
index 4f712e9..468f17a 100644
--- a/fs/nfsd/nfsfh.c
+++ b/fs/nfsd/nfsfh.c
@@ -95,6 +95,22 @@ nfsd_mode_check(struct svc_rqst *rqstp, umode_t mode, int 
type)
        return 0;
 }
 
+static __be32 nfsd_setuser_and_check_port(struct svc_rqst *rqstp,
+                                         struct svc_export *exp)
+{
+       /* Check if the request originated from a secure port. */
+       if (!rqstp->rq_secure && EX_SECURE(exp)) {
+               char buf[RPC_MAX_ADDRBUFLEN];
+               dprintk(KERN_WARNING
+                      "nfsd: request from insecure port %s!\n",
+                      svc_print_addr(rqstp, buf, sizeof(buf)));
+               return nfserr_perm;
+       }
+
+       /* Set user creds for this exportpoint */
+       return nfserrno(nfsd_setuser(rqstp, exp));
+}
+
 /*
  * Perform sanity checks on the dentry in a client's file handle.
  *
@@ -167,18 +183,7 @@ fh_verify(struct svc_rqst *rqstp, struct svc_fh *fhp, int 
type, int access)
                        goto out;
                }
 
-               /* Check if the request originated from a secure port. */
-               error = nfserr_perm;
-               if (!rqstp->rq_secure && EX_SECURE(exp)) {
-                       char buf[RPC_MAX_ADDRBUFLEN];
-                       printk(KERN_WARNING
-                              "nfsd: request from insecure port %s!\n",
-                              svc_print_addr(rqstp, buf, sizeof(buf)));
-                       goto out;
-               }
-
-               /* Set user creds for this exportpoint */
-               error = nfserrno(nfsd_setuser(rqstp, exp));
+               error = nfsd_setuser_and_check_port(rqstp, exp);
                if (error)
                        goto out;
 
@@ -227,18 +232,22 @@ fh_verify(struct svc_rqst *rqstp, struct svc_fh *fhp, int 
type, int access)
                fhp->fh_export = exp;
                nfsd_nr_verified++;
        } else {
-               /* just rechecking permissions
-                * (e.g. nfsproc_create calls fh_verify, then nfsd_create does 
as well)
+               /*
+                * just rechecking permissions
+                * (e.g. nfsproc_create calls fh_verify, then nfsd_create
+                * does as well)
                 */
                dprintk("nfsd: fh_verify - just checking\n");
                dentry = fhp->fh_dentry;
                exp = fhp->fh_export;
-               /* Set user creds for this exportpoint; necessary even
+               /*
+                * Set user creds for this exportpoint; necessary even
                 * in the "just checking" case because this may be a
                 * filehandle that was created by fh_compose, and that
                 * is about to be used in another nfsv4 compound
-                * operation */
-               error = nfserrno(nfsd_setuser(rqstp, exp));
+                * operation.
+                */
+               error = nfsd_setuser_and_check_port(rqstp, exp);
                if (error)
                        goto out;
        }
-
To unsubscribe from this list: send the line "unsubscribe git-commits-head" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to