Date: Sun, 12 Feb 2012 06:41:30 +0000 (UTC) From: Rick Macklem <rmacklem@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r231547 - stable/8/sys/fs/nfsclient Message-ID: <201202120641.q1C6fUIN069104@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: rmacklem Date: Sun Feb 12 06:41:29 2012 New Revision: 231547 URL: http://svn.freebsd.org/changeset/base/231547 Log: MFC: r231133 r228827 fixed a problem where copying of NFSv4 open credentials into a credential structure would corrupt it. This happened when the p argument was != NULL. However, I now realize that the copying of open credentials should only happen for p == NULL, since that indicates that it is a read-ahead or write-behind. This patch fixes this. After this commit, r228827 could be reverted, but I think the code is clearer and safer with the patch, so I am going to leave it in. Without this patch, it was possible that a NFSv4 VOP_SETATTR() could have changed the credentials of the caller. This would have happened if the process doing the VOP_SETATTR() did not have the file open, but some other process running as a different uid had the file open for writing at the same time. Modified: stable/8/sys/fs/nfsclient/nfs_clstate.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/boot/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) stable/8/sys/dev/e1000/ (props changed) Modified: stable/8/sys/fs/nfsclient/nfs_clstate.c ============================================================================== --- stable/8/sys/fs/nfsclient/nfs_clstate.c Sun Feb 12 06:27:59 2012 (r231546) +++ stable/8/sys/fs/nfsclient/nfs_clstate.c Sun Feb 12 06:41:29 2012 (r231547) @@ -559,8 +559,12 @@ nfscl_getstateid(vnode_t vp, u_int8_t *n NFSUNLOCKCLSTATE(); return (ENOENT); } - /* for read aheads or write behinds, use the open cred */ - newnfs_copycred(&op->nfso_cred, cred); + /* + * For read aheads or write behinds, use the open cred. + * A read ahead or write behind is indicated by p == NULL. + */ + if (p == NULL) + newnfs_copycred(&op->nfso_cred, cred); } /*
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201202120641.q1C6fUIN069104>