Date: Fri, 22 Nov 2002 07:59:33 -0800 (PST) From: Brian Feldman <green@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 21372 for review Message-ID: <200211221559.gAMFxXWw064948@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=21372 Change 21372 by green@green_laptop_2 on 2002/11/22 07:58:33 Use real ucreds in the NFS server's request structures for consistency, and compare only the relevant parts of each instead of relying on all of ucred's "bookkeeping" being invalid. Affected files ... .. //depot/projects/trustedbsd/mac/sys/nfsserver/nfs.h#5 edit .. //depot/projects/trustedbsd/mac/sys/nfsserver/nfs_serv.c#17 edit .. //depot/projects/trustedbsd/mac/sys/nfsserver/nfs_srvsock.c#8 edit .. //depot/projects/trustedbsd/mac/sys/nfsserver/nfs_syscalls.c#11 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/nfsserver/nfs.h#5 (text+ko) ==== @@ -254,7 +254,7 @@ u_int32_t nd_retxid; /* Reply xid */ struct timeval nd_starttime; /* Time RPC initiated */ fhandle_t nd_fh; /* File handle */ - struct ucred nd_cr; /* Credentials */ + struct ucred *nd_cr; /* Credentials */ }; /* Bits for "nd_flag" */ @@ -272,8 +272,10 @@ !bcmp((caddr_t)&(o)->nd_fh, (caddr_t)&(n)->nd_fh, NFSX_V3FH)) #define NFSW_SAMECRED(o, n) \ - (!bcmp((caddr_t)&(o)->nd_cr, (caddr_t)&(n)->nd_cr, \ - sizeof (struct ucred))) + ((o)->nd_cr->cr_uid == (n)->nd_cr->cr_uid && \ + (o)->nd_cr->cr_ngroups == (n)->nd_cr->cr_ngroups && \ + bcmp((o)->nd_cr->cr_groups, (n)->nd_cr->cr_groups, \ + (n)->nd_cr->cr_ngroups * sizeof(gid_t)) == 0) /* * Defines for WebNFS ==== //depot/projects/trustedbsd/mac/sys/nfsserver/nfs_serv.c#17 (text+ko) ==== @@ -171,7 +171,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; struct vnode *vp = NULL; nfsfh_t nfh; fhandle_t *fhp; @@ -238,7 +238,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; struct nfs_fattr *fp; struct vattr va; struct vattr *vap = &va; @@ -287,7 +287,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; struct vattr va, preat; struct vattr *vap = &va; struct nfsv2_sattr *sp; @@ -442,7 +442,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; struct nfs_fattr *fp; struct nameidata nd, ind, *ndp = &nd; struct vnode *vp, *dirp = NULL; @@ -631,7 +631,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; struct iovec iv[(NFS_MAXPATHLEN+MLEN-1)/MLEN]; struct iovec *ivp = iv; struct mbuf *mp; @@ -736,7 +736,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; struct iovec *iv; struct iovec *iv2; struct mbuf *m; @@ -982,7 +982,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; struct iovec *ivp; int i, cnt; struct mbuf *mp; @@ -1229,7 +1229,7 @@ mrep = nfsd->nd_mrep; md = nfsd->nd_md; dpos = nfsd->nd_dpos; - cred = &nfsd->nd_cr; + cred = nfsd->nd_cr; v3 = (nfsd->nd_flag & ND_NFSV3); LIST_INIT(&nfsd->nd_coalesce); nfsd->nd_mreq = NULL; @@ -1364,7 +1364,7 @@ splx(s); mrep = nfsd->nd_mrep; nfsd->nd_mrep = NULL; - cred = &nfsd->nd_cr; + cred = nfsd->nd_cr; v3 = (nfsd->nd_flag & ND_NFSV3); forat_ret = aftat_ret = 1; error = nfsrv_fhtovp(&nfsd->nd_fh, 1, &vp, cred, slp, @@ -1576,7 +1576,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; struct nfs_fattr *fp; struct vattr va, dirfor, diraft; struct vattr *vap = &va; @@ -1859,7 +1859,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; struct vattr va, dirfor, diraft; struct vattr *vap = &va; u_int32_t *tl; @@ -2050,7 +2050,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; struct nameidata nd; caddr_t bpos; int error = 0, len, dirfor_ret = 1, diraft_ret = 1; @@ -2148,7 +2148,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; caddr_t bpos; int error = 0, len, len2, fdirfor_ret = 1, fdiraft_ret = 1; int tdirfor_ret = 1, tdiraft_ret = 1; @@ -2375,7 +2375,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; struct nameidata nd; caddr_t bpos; int error = 0, rdonly, len, dirfor_ret = 1, diraft_ret = 1; @@ -2496,7 +2496,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; struct vattr va, dirfor, diraft; struct nameidata nd; struct vattr *vap = &va; @@ -2680,7 +2680,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; struct vattr va, dirfor, diraft; struct vattr *vap = &va; struct nfs_fattr *fp; @@ -2826,7 +2826,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; caddr_t bpos; int error = 0, len, dirfor_ret = 1, diraft_ret = 1; int v3 = (nfsd->nd_flag & ND_NFSV3); @@ -2972,7 +2972,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; char *bp, *be; struct mbuf *mp; struct dirent *dp; @@ -3263,7 +3263,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; char *bp, *be; struct mbuf *mp; struct dirent *dp; @@ -3601,7 +3601,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; struct vattr bfor, aft; struct vnode *vp = NULL; nfsfh_t nfh; @@ -3752,7 +3752,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; struct statfs *sf; struct nfs_statfs *sfp; caddr_t bpos; @@ -3830,7 +3830,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; struct nfsv3_fsinfo *sip; caddr_t bpos; int error = 0, rdonly, getret = 1, pref; @@ -3905,7 +3905,7 @@ struct mbuf *mrep = nfsd->nd_mrep, *md = nfsd->nd_md; struct sockaddr *nam = nfsd->nd_nam; caddr_t dpos = nfsd->nd_dpos; - struct ucred *cred = &nfsd->nd_cr; + struct ucred *cred = nfsd->nd_cr; struct nfsv3_pathconf *pc; caddr_t bpos; int error = 0, rdonly, getret = 1; ==== //depot/projects/trustedbsd/mac/sys/nfsserver/nfs_srvsock.c#8 (text+ko) ==== @@ -354,34 +354,32 @@ } nfsm_adv(nfsm_rndup(len)); tl = nfsm_dissect(u_int32_t *, 3 * NFSX_UNSIGNED); - /* - * XXX: This credential should be managed using crget(9) - * and related calls. Right now, this tramples on any - * extensible data in the ucred, fails to initialize the - * mutex, and worse. This must be fixed before FreeBSD - * 5.0-RELEASE. - */ - bzero((caddr_t)&nd->nd_cr, sizeof (struct ucred)); - nd->nd_cr.cr_ref = 1; - nd->nd_cr.cr_uid = fxdr_unsigned(uid_t, *tl++); - nd->nd_cr.cr_gid = fxdr_unsigned(gid_t, *tl++); + nd->nd_cr = crget(); + nd->nd_cr->cr_uid = nd->nd_cr->cr_ruid = + nd->nd_cr->cr_svuid = fxdr_unsigned(uid_t, *tl++); + nd->nd_cr->cr_groups[0] = nd->nd_cr->cr_rgid = + nd->nd_cr->cr_svgid = fxdr_unsigned(gid_t, *tl++); len = fxdr_unsigned(int, *tl); if (len < 0 || len > RPCAUTH_UNIXGIDS) { m_freem(mrep); + crfree(nd->nd_cr); + nd->nd_cr = NULL; return (EBADRPC); } tl = nfsm_dissect(u_int32_t *, (len + 2) * NFSX_UNSIGNED); for (i = 1; i <= len; i++) if (i < NGROUPS) - nd->nd_cr.cr_groups[i] = fxdr_unsigned(gid_t, *tl++); + nd->nd_cr->cr_groups[i] = fxdr_unsigned(gid_t, *tl++); else tl++; - nd->nd_cr.cr_ngroups = (len >= NGROUPS) ? NGROUPS : (len + 1); - if (nd->nd_cr.cr_ngroups > 1) - nfsrvw_sort(nd->nd_cr.cr_groups, nd->nd_cr.cr_ngroups); + nd->nd_cr->cr_ngroups = (len >= NGROUPS) ? NGROUPS : (len + 1); + if (nd->nd_cr->cr_ngroups > 1) + nfsrvw_sort(nd->nd_cr->cr_groups, nd->nd_cr->cr_ngroups); len = fxdr_unsigned(int, *++tl); if (len < 0 || len > RPCAUTH_MAXSIZ) { m_freem(mrep); + crfree(nd->nd_cr); + nd->nd_cr = NULL; return (EBADRPC); } if (len > 0) @@ -676,6 +674,8 @@ if (nam) { FREE(nam, M_SONAME); } + if (nd->nd_cr != NULL) + crfree(nd->nd_cr); free((caddr_t)nd, M_NFSRVDESC); return (error); } ==== //depot/projects/trustedbsd/mac/sys/nfsserver/nfs_syscalls.c#11 (text+ko) ==== @@ -365,6 +365,8 @@ } if (error || (slp->ns_flag & SLP_VALID) == 0) { if (nd) { + if (nd->nd_cr != NULL) + crfree(nd->nd_cr); free((caddr_t)nd, M_NFSRVDESC); nd = NULL; } @@ -491,6 +493,8 @@ if (slp->ns_so->so_proto->pr_flags & PR_CONNREQUIRED) nfs_slpunlock(slp); if (error == EINTR || error == ERESTART) { + if (nd->nd_cr != NULL) + crfree(nd->nd_cr); free((caddr_t)nd, M_NFSRVDESC); nfsrv_slpderef(slp); s = splnet(); @@ -504,6 +508,8 @@ break; }; if (nd) { + if (nd->nd_cr != NULL) + crfree(nd->nd_cr); FREE((caddr_t)nd, M_NFSRVDESC); nd = NULL; } @@ -578,6 +584,8 @@ for (nwp = LIST_FIRST(&slp->ns_tq); nwp; nwp = nnwp) { nnwp = LIST_NEXT(nwp, nd_tq); LIST_REMOVE(nwp, nd_tq); + if (nwp->nd_cr != NULL) + crfree(nwp->nd_cr); free((caddr_t)nwp, M_NFSRVDESC); } LIST_INIT(&slp->ns_tq); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200211221559.gAMFxXWw064948>