From: andros@netapp.com
To: benny@panasas.com
Cc: linux-nfs@vger.kernel.org, Andy Adamson <andros@netapp.com>
Subject: [PATCH 3/3] NFS return an rpc auth error on back channel
Date: Tue, 16 Nov 2010 22:36:30 -0500 [thread overview]
Message-ID: <1289964990-4480-4-git-send-email-andros@netapp.com> (raw)
In-Reply-To: <1289964990-4480-3-git-send-email-andros@netapp.com>
From: Andy Adamson <andros@netapp.com>
If a matching nfs_client struct is not found in the back channel NFS processing
return an rpc auth error.
Signed-off-by: Andy Adamson <andros@netapp.com>
---
fs/nfs/callback.h | 3 +++
fs/nfs/callback_proc.c | 7 ++++---
fs/nfs/callback_xdr.c | 4 ++++
include/linux/sunrpc/msg_prot.h | 1 +
include/linux/sunrpc/xdr.h | 1 +
net/sunrpc/svc.c | 5 +++++
6 files changed, 18 insertions(+), 3 deletions(-)
diff --git a/fs/nfs/callback.h b/fs/nfs/callback.h
index b69bec5..3a54628 100644
--- a/fs/nfs/callback.h
+++ b/fs/nfs/callback.h
@@ -14,6 +14,9 @@
#define NFS4_CALLBACK_XDRSIZE 2048
#define NFS4_CALLBACK_BUFSIZE (1024 + NFS4_CALLBACK_XDRSIZE)
+/* Internal error for back channel server */
+#define nfserr_deny_reply cpu_to_be32(30003)
+
enum nfs4_callback_procnum {
CB_NULL = 0,
CB_COMPOUND = 1,
diff --git a/fs/nfs/callback_proc.c b/fs/nfs/callback_proc.c
index 69d085a..ec3c84b 100644
--- a/fs/nfs/callback_proc.c
+++ b/fs/nfs/callback_proc.c
@@ -31,7 +31,7 @@ __be32 nfs4_callback_getattr(struct cb_getattrargs *args,
struct inode *inode;
res->bitmap[0] = res->bitmap[1] = 0;
- res->status = htonl(NFS4ERR_BADHANDLE);
+ res->status = nfserr_deny_reply;
clp = find_client_from_cps(cps, args->addr);
if (clp == NULL)
goto out;
@@ -39,6 +39,7 @@ __be32 nfs4_callback_getattr(struct cb_getattrargs *args,
dprintk("NFS: GETATTR callback request from %s\n",
rpc_peeraddr2str(clp->cl_rpcclient, RPC_DISPLAY_ADDR));
+ res->status = htonl(NFS4ERR_BADHANDLE);
inode = nfs_delegation_find_inode(clp, &args->fh);
if (inode == NULL)
goto out_putclient;
@@ -76,7 +77,7 @@ __be32 nfs4_callback_recall(struct cb_recallargs *args, void *dummy,
struct inode *inode;
__be32 res;
- res = htonl(NFS4ERR_BADHANDLE);
+ res = nfserr_deny_reply;
clp = find_client_from_cps(cps, args->addr);
if (clp == NULL)
goto out;
@@ -598,7 +599,7 @@ __be32 nfs4_callback_sequence(struct cb_sequenceargs *args,
cps->session = NULL;
- status = htonl(NFS4ERR_BADSESSION);
+ status = nfserr_deny_reply;
clp = find_client_with_session(args->csa_addr, 4, &args->csa_sessionid);
if (clp == NULL)
goto out;
diff --git a/fs/nfs/callback_xdr.c b/fs/nfs/callback_xdr.c
index 92719f1..8e17464 100644
--- a/fs/nfs/callback_xdr.c
+++ b/fs/nfs/callback_xdr.c
@@ -789,6 +789,10 @@ static __be32 nfs4_callback_compound(struct svc_rqst *rqstp, void *argp, void *r
nops--;
}
+ /* An nfs_client struct was not found, return an rpc auth error */
+ if (unlikely(status == nfserr_deny_reply))
+ status = rpc_deny_reply;
+
*hdr_res.status = status;
*hdr_res.nops = htonl(nops);
if (cps.session)
diff --git a/include/linux/sunrpc/msg_prot.h b/include/linux/sunrpc/msg_prot.h
index 77e6248..9ba9422 100644
--- a/include/linux/sunrpc/msg_prot.h
+++ b/include/linux/sunrpc/msg_prot.h
@@ -59,6 +59,7 @@ enum rpc_accept_stat {
RPC_SYSTEM_ERR = 5,
/* internal use only */
RPC_DROP_REPLY = 60000,
+ RPC_DENY_REPLY = 60001,
};
enum rpc_reject_stat {
diff --git a/include/linux/sunrpc/xdr.h b/include/linux/sunrpc/xdr.h
index 498ab93..9b4645c 100644
--- a/include/linux/sunrpc/xdr.h
+++ b/include/linux/sunrpc/xdr.h
@@ -82,6 +82,7 @@ struct xdr_buf {
#define rpc_garbage_args cpu_to_be32(RPC_GARBAGE_ARGS)
#define rpc_system_err cpu_to_be32(RPC_SYSTEM_ERR)
#define rpc_drop_reply cpu_to_be32(RPC_DROP_REPLY)
+#define rpc_deny_reply cpu_to_be32(RPC_DENY_REPLY)
#define rpc_auth_ok cpu_to_be32(RPC_AUTH_OK)
#define rpc_autherr_badcred cpu_to_be32(RPC_AUTH_BADCRED)
diff --git a/net/sunrpc/svc.c b/net/sunrpc/svc.c
index 6359c42..2c3e428 100644
--- a/net/sunrpc/svc.c
+++ b/net/sunrpc/svc.c
@@ -1111,6 +1111,11 @@ svc_process_common(struct svc_rqst *rqstp, struct kvec *argv, struct kvec *resv)
procp->pc_release(rqstp, NULL, rqstp->rq_resp);
goto dropit;
}
+ if (*statp == rpc_deny_reply) {
+ if (procp->pc_release)
+ procp->pc_release(rqstp, NULL, rqstp->rq_resp);
+ goto err_bad_auth;
+ }
if (*statp == rpc_success &&
(xdr = procp->pc_encode) &&
!xdr(rqstp, resv->iov_base+resv->iov_len, rqstp->rq_resp)) {
--
1.6.6
next prev parent reply other threads:[~2010-11-17 21:16 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-11-17 3:36 [PATCH 0/3] NFSv4 callback pg_authenticate fix andros
2010-11-17 3:36 ` [PATCH 1/3] NFS add minorversion to nfs_find_client search andros
2010-11-17 3:36 ` [PATCH 2/3] SQUASHME: pnfs-submit: fix highest backchannel slot used andros
2010-11-17 3:36 ` andros [this message]
2010-11-17 23:26 ` [PATCH 3/3] NFS return an rpc auth error on back channel Trond Myklebust
2010-11-18 14:42 ` William A. (Andy) Adamson
2010-11-18 15:05 ` Trond Myklebust
2010-11-18 15:08 ` William A. (Andy) Adamson
2010-11-17 23:10 ` [PATCH 1/3] NFS add minorversion to nfs_find_client search Trond Myklebust
2010-11-18 14:11 ` William A. (Andy) Adamson
2010-11-18 14:46 ` Trond Myklebust
2010-11-18 17:39 ` J. Bruce Fields
2010-11-17 22:49 ` [PATCH 0/3] NFSv4 callback pg_authenticate fix J. Bruce Fields
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1289964990-4480-4-git-send-email-andros@netapp.com \
--to=andros@netapp.com \
--cc=benny@panasas.com \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.