public inbox for linux-nfs@vger.kernel.org
From: NeilBrown <neilb@suse.de>
To: Chuck Lever <chuck.lever@oracle.com>, Jeff Layton <jlayton@kernel.org>
Cc: linux-nfs@vger.kernel.org, Olga Kornievskaia <kolga@netapp.com>,
	Dai Ngo <Dai.Ngo@oracle.com>, Tom Talpey <tom@talpey.com>,
	Mike Snitzer <snitzer@kernel.org>
Subject: [PATCH 5/6] nfsd: __fh_verify now treats NULL rqstp as a trusted connection.
Date: Mon,  1 Jul 2024 12:53:20 +1000
Message-ID: <20240701025802.22985-6-neilb@suse.de>
In-Reply-To: <20240701025802.22985-1-neilb@suse.de>

The final places where __fh_verify unconditionally dereferences rqstp
involve checking if the connection is suitably secure.  They look at
rqstp->rq_xprt which is not meaningful in the target use case of
"localio" NFS in which the client talks directly to the local server.

So check these to always succeed when rqstp is NULL.

With this it is safe to call __fh_verify with a NULL rqstp providing nn,
cred, and client are not NULL.

Signed-off-by: NeilBrown <neilb@suse.de>
---
 fs/nfsd/export.c | 12 +++++++++---
 fs/nfsd/nfsfh.c  |  4 ++--
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/fs/nfsd/export.c b/fs/nfsd/export.c
index ccfe8c528bcb..9e3e2380f8ae 100644
--- a/fs/nfsd/export.c
+++ b/fs/nfsd/export.c
@@ -1077,7 +1077,13 @@ static struct svc_export *exp_find(struct cache_detail *cd,
 __be32 check_nfsd_access(struct svc_export *exp, struct svc_rqst *rqstp)
 {
 	struct exp_flavor_info *f, *end = exp->ex_flavors + exp->ex_nflavors;
-	struct svc_xprt *xprt = rqstp->rq_xprt;
+	struct svc_xprt *xprt;
+
+	if (!rqstp)
+		/* Always allow LOCALIO */
+		return 0;
+
+	xprt = rqstp->rq_xprt;
 
 	if (exp->ex_xprtsec_modes & NFSEXP_XPRTSEC_NONE) {
 		if (!test_bit(XPT_TLS_SESSION, &xprt->xpt_flags))
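Review bot: The `if (!rqstp)` early return at the top of check_nfsd_access() skips everything after it, both the ex_xprtsec_modes tests and the flavor iteration that `f` and `end` are set up for, so any caller that passes NULL gets an unconditional 0. That contract deserves a comment on the function itself stating that a NULL rqstp means a trusted in-kernel caller, rather than only the one-line `/* Always allow LOCALIO */` inside the body. Also, with a comment plus a statement under the `if`, kernel style wants braces around the body.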
@@ -1185,7 +1191,7 @@ rqst_exp_find(struct svc_rqst *rqstp, struct nfsd_net *nn,
 
 	/* First try the auth_unix client: */
 	exp = exp_find(cd, client, fsid_type,
-		       fsidv, &rqstp->rq_chandle);
+		       fsidv, rqstp ? &rqstp->rq_chandle : NULL);
 	if (PTR_ERR(exp) == -ENOENT)
 		goto gss;
 	if (IS_ERR(exp))
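Review bot: `rqstp ? &rqstp->rq_chandle : NULL` now hands exp_find() a NULL final argument, and nothing in this hunk or the commit message shows that exp_find() and what it calls tolerate a NULL handle. Please say in the changelog why that is safe, or point at the code that handles it, since a NULL here can move the dereference one level down rather than remove it.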
@@ -1198,7 +1204,7 @@ rqst_exp_find(struct svc_rqst *rqstp, struct nfsd_net *nn,
 	if (!try_gss || rqstp->rq_gssclient == NULL)
 		return exp;
 	gssexp = exp_find(cd, rqstp->rq_gssclient, fsid_type, fsidv,
-						&rqstp->rq_chandle);
+			  rqstp ? &rqstp->rq_chandle : NULL);
 	if (PTR_ERR(gssexp) == -ENOENT)
 		return exp;
 	if (!IS_ERR(exp))
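Review bot: The context line `if (!try_gss || rqstp->rq_gssclient == NULL)` and the first argument of the gss lookup, `exp_find(cd, rqstp->rq_gssclient, ...)`, still dereference rqstp unconditionally, so the new `rqstp ? &rqstp->rq_chandle : NULL` on that same call can never be reached with a NULL rqstp without an oops first. Either NULL-rqstp callers are guaranteed to pass try_gss as false, in which case the ternary is dead code and should be dropped with that guarantee documented, or the condition needs an explicit `!rqstp` test before `rqstp->rq_gssclient` is read.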
diff --git a/fs/nfsd/nfsfh.c b/fs/nfsd/nfsfh.c
index ea3d98c43a9d..fb5a23060a4c 100644
--- a/fs/nfsd/nfsfh.c
+++ b/fs/nfsd/nfsfh.c
@@ -106,10 +106,10 @@ static __be32 nfsd_setuser_and_check_port(struct svc_rqst *rqstp,
 	int flags = nfsexp_flags(cred, exp);
 
 	/* Check if the request originated from a secure port. */
-	if (!nfsd_originating_port_ok(rqstp, flags)) {
+	if (rqstp && !nfsd_originating_port_ok(rqstp, flags)) {
 		RPC_IFDEBUG(char buf[RPC_MAX_ADDRBUFLEN]);
 		dprintk("nfsd: request from insecure port %s!\n",
-		        svc_print_addr(rqstp, buf, sizeof(buf)));
+			svc_print_addr(rqstp, buf, sizeof(buf)));
 		return nfserr_perm;
 	}
 
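Review bot: With `rqstp && !nfsd_originating_port_ok(rqstp, flags)` the secure-port check is silently skipped for a NULL rqstp, but the comment above still reads `/* Check if the request originated from a secure port. */`; extend it to say that a NULL rqstp is a local caller with no originating port to check. The re-indent of the `svc_print_addr(rqstp, buf, sizeof(buf))` continuation line is whitespace-only and unrelated to the change described, so drop it or send it as a separate cleanup.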
-- 
2.44.0

