Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 11 Jun 2018 19:00:08 +0000 (UTC)
From:      Rick Macklem <rmacklem@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r334966 - in head/sys/fs: nfs nfsclient
Message-ID:  <201806111900.w5BJ08to025999@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: rmacklem
Date: Mon Jun 11 19:00:07 2018
New Revision: 334966
URL: https://svnweb.freebsd.org/changeset/base/334966

Log:
  Add a couple of safety belt checks to the NFSv4.1 client related to sessions.
  
  There were a couple of cases in newnfs_request() that it assumed that it
  was an NFSv4.1 mount with a session. This should always be the case when
  a Sequence operation is in the reply or the server replies NFSERR_BADSESSION.
  However, if a server was broken and sent an erroneous reply, these safety
  belt checks should avoid trouble.
  The one check required a small tweak to nfsmnt_mdssession() so that it
  returns NULL when there is no session instead of the offset of the field
  in the structure (0x8 for i386).
  This patch should have no effect on normal operation of the client.
  Found by inspection during pNFS server development.
  
  MFC after:	2 weeks

Modified:
  head/sys/fs/nfs/nfs_commonkrpc.c
  head/sys/fs/nfsclient/nfsmount.h

Modified: head/sys/fs/nfs/nfs_commonkrpc.c
==============================================================================
--- head/sys/fs/nfs/nfs_commonkrpc.c	Mon Jun 11 18:57:40 2018	(r334965)
+++ head/sys/fs/nfs/nfs_commonkrpc.c	Mon Jun 11 19:00:07 2018	(r334966)
@@ -852,9 +852,9 @@ tryagain:
 			if ((nmp != NULL && i == NFSV4OP_SEQUENCE && j != 0) ||
 			    (clp != NULL && i == NFSV4OP_CBSEQUENCE && j != 0))
 				NFSCL_DEBUG(1, "failed seq=%d\n", j);
-			if ((nmp != NULL && i == NFSV4OP_SEQUENCE && j == 0) ||
-			    (clp != NULL && i == NFSV4OP_CBSEQUENCE && j == 0)
-			    ) {
+			if (((nmp != NULL && i == NFSV4OP_SEQUENCE && j == 0) ||
+			    (clp != NULL && i == NFSV4OP_CBSEQUENCE &&
+			    j == 0)) && sep != NULL) {
 				if (i == NFSV4OP_SEQUENCE)
 					NFSM_DISSECT(tl, uint32_t *,
 					    NFSX_V4SESSIONID +
@@ -896,7 +896,8 @@ tryagain:
 		}
 		if (nd->nd_repstat != 0) {
 			if (nd->nd_repstat == NFSERR_BADSESSION &&
-			    nmp != NULL && dssep == NULL) {
+			    nmp != NULL && dssep == NULL &&
+			    (nd->nd_flag & ND_NFSV41) != 0) {
 				/*
 				 * If this is a client side MDS RPC, mark
 				 * the MDS session defunct and initiate

Modified: head/sys/fs/nfsclient/nfsmount.h
==============================================================================
--- head/sys/fs/nfsclient/nfsmount.h	Mon Jun 11 18:57:40 2018	(r334965)
+++ head/sys/fs/nfsclient/nfsmount.h	Mon Jun 11 19:00:07 2018	(r334966)
@@ -129,8 +129,10 @@ nfsmnt_mdssession(struct nfsmount *nmp)
 {
 	struct nfsclsession *tsep;
 
+	tsep = NULL;
 	mtx_lock(&nmp->nm_mtx);
-	tsep = NFSMNT_MDSSESSION(nmp);
+	if (TAILQ_FIRST(&nmp->nm_sess) != NULL)
+		tsep = NFSMNT_MDSSESSION(nmp);
 	mtx_unlock(&nmp->nm_mtx);
 	return (tsep);
 }



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201806111900.w5BJ08to025999>