Date: Sun, 30 Dec 2001 11:12:20 -0500 (EST) From: Robert Watson <rwatson@FreeBSD.org> To: arch@FreeBSD.org Subject: Re: adding cred argument to socreate(), making NFS connect using , mount-time credential Message-ID: <Pine.NEB.3.96L.1011230111139.94122C-100000@fledge.watson.org> In-Reply-To: <Pine.NEB.3.96L.1011229101514.84600D-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Updated version of the patch that neglects to leak a credential per NFS
unmount and per NFS mount failure. :-) Otherwise unchanged, and I plan
to commit tomorrow.
Robert N M Watson FreeBSD Core Team, TrustedBSD Project
robert@fledge.watson.org NAI Labs, Safeport Network Services
==== //depot/vendor/freebsd/sys/dev/streams/streams.c#3 (text+ko) - //depot/user/rwatson/mountcred/sys/dev/streams/streams.c#2 (text+ko) ==== content
@@ -264,7 +264,8 @@
if ((error = falloc(td, &fp, &fd)) != 0)
return error;
- if ((error = socreate(family, &so, type, protocol, td)) != 0) {
+ if ((error = socreate(family, &so, type, protocol,
+ td->td_proc->p_ucred, td)) != 0) {
p->p_fd->fd_ofiles[fd] = 0;
ffree(fp);
return error;
==== //depot/vendor/freebsd/sys/fs/fifofs/fifo_vnops.c#4 (text+ko) - //depot/user/rwatson/mountcred/sys/fs/fifofs/fifo_vnops.c#2 (text+ko) ==== content
@@ -174,14 +174,16 @@
if ((fip = vp->v_fifoinfo) == NULL) {
MALLOC(fip, struct fifoinfo *, sizeof(*fip), M_VNODE, M_WAITOK);
vp->v_fifoinfo = fip;
- error = socreate(AF_LOCAL, &rso, SOCK_STREAM, 0, ap->a_td);
+ error = socreate(AF_LOCAL, &rso, SOCK_STREAM, 0,
+ ap->a_td->td_proc->p_ucred, ap->a_td);
if (error) {
free(fip, M_VNODE);
vp->v_fifoinfo = NULL;
return (error);
}
fip->fi_readsock = rso;
- error = socreate(AF_LOCAL, &wso, SOCK_STREAM, 0, ap->a_td);
+ error = socreate(AF_LOCAL, &wso, SOCK_STREAM, 0,
+ ap->a_td->td_proc->p_ucred, ap->a_td);
if (error) {
(void)soclose(rso);
free(fip, M_VNODE);
==== //depot/vendor/freebsd/sys/fs/portalfs/portal_vnops.c#2 (text+ko) - //depot/user/rwatson/mountcred/sys/fs/portalfs/portal_vnops.c#2 (text+ko) ==== content
@@ -246,7 +246,8 @@
/*
* Create a new socket.
*/
- error = socreate(AF_UNIX, &so, SOCK_STREAM, 0, ap->a_td);
+ error = socreate(AF_UNIX, &so, SOCK_STREAM, 0,
+ ap->a_td->td_proc->p_ucred, ap->a_td);
if (error)
goto bad;
==== //depot/vendor/freebsd/sys/kern/uipc_socket.c#9 (text+ko) - //depot/user/rwatson/mountcred/sys/kern/uipc_socket.c#2 (text+ko) ==== content
@@ -137,11 +137,12 @@
* closed with soclose().
*/
int
-socreate(dom, aso, type, proto, td)
+socreate(dom, aso, type, proto, cred, td)
int dom;
struct socket **aso;
register int type;
int proto;
+ struct ucred *cred;
struct thread *td;
{
register struct protosw *prp;
@@ -172,7 +173,7 @@
TAILQ_INIT(&so->so_incomp);
TAILQ_INIT(&so->so_comp);
so->so_type = type;
- so->so_cred = crhold(td->td_proc->p_ucred);
+ so->so_cred = crhold(cred);
so->so_proto = prp;
soref(so);
error = (*prp->pr_usrreqs->pru_attach)(so, proto, td);
==== //depot/vendor/freebsd/sys/kern/uipc_syscalls.c#5 (text+ko) - //depot/user/rwatson/mountcred/sys/kern/uipc_syscalls.c#3 (text+ko) ==== content
@@ -132,7 +132,8 @@
if (error)
goto done2;
fhold(fp);
- error = socreate(uap->domain, &so, uap->type, uap->protocol, td);
+ error = socreate(uap->domain, &so, uap->type, uap->protocol,
+ td->td_proc->p_ucred, td);
if (error) {
if (fdp->fd_ofiles[fd] == fp) {
fdp->fd_ofiles[fd] = NULL;
@@ -478,10 +479,12 @@
int fd, error, sv[2];
mtx_lock(&Giant);
- error = socreate(uap->domain, &so1, uap->type, uap->protocol, td);
+ error = socreate(uap->domain, &so1, uap->type, uap->protocol,
+ td->td_proc->p_ucred, td);
if (error)
goto done2;
- error = socreate(uap->domain, &so2, uap->type, uap->protocol, td);
+ error = socreate(uap->domain, &so2, uap->type, uap->protocol,
+ td->td_proc->p_ucred, td);
if (error)
goto free1;
error = falloc(td, &fp1, &fd);
==== //depot/vendor/freebsd/sys/netgraph/ng_ksocket.c#6 (text+ko) - //depot/user/rwatson/mountcred/sys/netgraph/ng_ksocket.c#2 (text+ko) ==== content
@@ -586,7 +586,8 @@
return (EINVAL);
/* Create the socket */
- error = socreate(family, &priv->so, type, protocol, td);
+ error = socreate(family, &priv->so, type, protocol,
+ td->td_proc->p_ucred, td);
if (error != 0)
return (error);
==== //depot/vendor/freebsd/sys/netsmb/smb_trantcp.c#2 (text+ko) - //depot/user/rwatson/mountcred/sys/netsmb/smb_trantcp.c#2 (text+ko) ==== content
@@ -226,7 +226,8 @@
struct socket *so;
int error, s;
- error = socreate(AF_INET, &so, SOCK_STREAM, IPPROTO_TCP, td);
+ error = socreate(AF_INET, &so, SOCK_STREAM, IPPROTO_TCP,
+ td->td_proc->p_ucred, td);
if (error)
return error;
nbp->nbp_tso = so;
==== //depot/vendor/freebsd/sys/nfsclient/bootp_subr.c#4 (text+ko) - //depot/user/rwatson/mountcred/sys/nfsclient/bootp_subr.c#3 (text+ko) ==== content
@@ -586,7 +586,8 @@
/*
* Create socket and set its recieve timeout.
*/
- error = socreate(AF_INET, &so, SOCK_DGRAM, 0, td);
+ error = socreate(AF_INET, &so, SOCK_DGRAM, 0, td->td_proc->p_ucred,
+ td);
if (error != 0)
goto out;
@@ -971,7 +972,8 @@
struct ifaddr *ifa;
struct sockaddr_dl *sdl;
- error = socreate(AF_INET, &ifctx->so, SOCK_DGRAM, 0, td);
+ error = socreate(AF_INET, &ifctx->so, SOCK_DGRAM, 0,
+ td->td_proc->p_ucred, td);
if (error != 0)
panic("nfs_boot: socreate, error=%d", error);
==== //depot/vendor/freebsd/sys/nfsclient/krpc_subr.c#3 (text+ko) - //depot/user/rwatson/mountcred/sys/nfsclient/krpc_subr.c#2 (text+ko) ==== content
@@ -215,7 +215,8 @@
/*
* Create socket and set its recieve timeout.
*/
- if ((error = socreate(AF_INET, &so, SOCK_DGRAM, 0, td)))
+ if ((error = socreate(AF_INET, &so, SOCK_DGRAM, 0,
+ td->td_proc->p_ucred, td)))
goto out;
tv.tv_sec = 1;
==== //depot/vendor/freebsd/sys/nfsclient/nfs_socket.c#6 (text+ko) - //depot/user/rwatson/mountcred/sys/nfsclient/nfs_socket.c#4 (text+ko) ==== content
@@ -162,7 +162,7 @@
nmp->nm_so = (struct socket *)0;
saddr = nmp->nm_nam;
error = socreate(saddr->sa_family, &nmp->nm_so, nmp->nm_sotype,
- nmp->nm_soproto, td);
+ nmp->nm_soproto, nmp->nm_cred, td);
if (error)
goto bad;
so = nmp->nm_so;
==== //depot/vendor/freebsd/sys/nfsclient/nfs_vfsops.c#9 (text+ko) - //depot/user/rwatson/mountcred/sys/nfsclient/nfs_vfsops.c#5 (text+ko) ==== content
@@ -92,7 +92,8 @@
static int nfs_iosize(struct nfsmount *nmp);
static void nfs_decode_args(struct nfsmount *nmp, struct nfs_args *argp);
static int mountnfs(struct nfs_args *, struct mount *,
- struct sockaddr *, char *, char *, struct vnode **);
+ struct sockaddr *, char *, char *, struct vnode **,
+ struct ucred *cred);
static int nfs_mount(struct mount *mp, char *path, caddr_t data,
struct nameidata *ndp, struct thread *td);
static int nfs_unmount(struct mount *mp, int mntflags, struct thread *td);
@@ -377,6 +378,7 @@
nfs_mountroot(struct mount *mp)
{
struct mount *swap_mp;
+ struct nfsmount *nmp = VFSTONFS(mp);
struct nfsv3_diskless *nd = &nfsv3_diskless;
struct socket *so;
struct vnode *vp;
@@ -419,7 +421,8 @@
* Do enough of ifconfig(8) so that the critical net interface can
* talk to the server.
*/
- error = socreate(nd->myif.ifra_addr.sa_family, &so, SOCK_DGRAM, 0, td);
+ error = socreate(nd->myif.ifra_addr.sa_family, &so, SOCK_DGRAM, 0,
+ nmp->nm_cred, td);
if (error)
panic("nfs_mountroot: socreate(%04x): %d",
nd->myif.ifra_addr.sa_family, error);
@@ -557,7 +560,8 @@
mp->mnt_kern_flag = 0;
mp->mnt_flag = mountflag;
nam = dup_sockaddr((struct sockaddr *)sin, 1);
- if ((error = mountnfs(args, mp, nam, which, path, vpp)) != 0) {
+ if ((error = mountnfs(args, mp, nam, which, path, vpp, td->td_ucred))
+ != 0) {
printf("nfs_mountroot: mount %s on %s: %d", path, which, error);
mp->mnt_vfc->vfc_refcount--;
vfs_unbusy(mp, td);
@@ -785,7 +789,7 @@
if (error)
return (error);
args.fh = nfh;
- error = mountnfs(&args, mp, nam, path, hst, &vp);
+ error = mountnfs(&args, mp, nam, path, hst, &vp, td->td_ucred);
return (error);
}
@@ -794,7 +798,7 @@
*/
static int
mountnfs(struct nfs_args *argp, struct mount *mp, struct sockaddr *nam,
- char *pth, char *hst, struct vnode **vpp)
+ char *pth, char *hst, struct vnode **vpp, struct ucred *cred)
{
struct nfsmount *nmp;
struct nfsnode *np;
@@ -814,6 +818,7 @@
}
vfs_getnewfsid(mp);
nmp->nm_mountp = mp;
+ nmp->nm_cred = crhold(cred);
/*
* V2 can only handle 32 bit filesizes. A 4GB-1 limit may be too
@@ -891,6 +896,7 @@
return (0);
bad:
nfs_disconnect(nmp);
+ crfree(nmp->nm_cred);
zfree(nfsmount_zone, nmp);
FREE(nam, M_SONAME);
return (error);
@@ -925,6 +931,7 @@
nfs_disconnect(nmp);
FREE(nmp->nm_nam, M_SONAME);
+ crfree(nmp->nm_cred);
zfree(nfsmount_zone, nmp);
return (0);
}
==== //depot/vendor/freebsd/sys/nfsclient/nfsmount.h#2 (text+ko) - //depot/user/rwatson/mountcred/sys/nfsclient/nfsmount.h#3 (text+ko) ==== content
@@ -53,6 +53,7 @@
u_char nm_fh[NFSX_V3FHMAX]; /* File handle of root dir */
int nm_fhsize; /* Size of root file handle */
struct socket *nm_so; /* Rpc socket */
+ struct ucred *nm_cred; /* Cached mount-time credential */
int nm_sotype; /* Type of socket */
int nm_soproto; /* and protocol */
int nm_soflags; /* pr_flags for socket protocol */
==== //depot/vendor/freebsd/sys/sys/socketvar.h#9 (text+ko) - //depot/user/rwatson/mountcred/sys/sys/socketvar.h#2 (text+ko) ==== content
@@ -383,7 +383,7 @@
int soconnect __P((struct socket *so, struct sockaddr *nam, struct thread *td));
int soconnect2 __P((struct socket *so1, struct socket *so2));
int socreate __P((int dom, struct socket **aso, int type, int proto,
- struct thread *td));
+ struct ucred *cred, struct thread *td));
int sodisconnect __P((struct socket *so));
void sofree __P((struct socket *so));
int sogetopt __P((struct socket *so, struct sockopt *sopt));
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1011230111139.94122C-100000>