Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ea236d07 authored by J. Bruce Fields's avatar J. Bruce Fields
Browse files

nfsd4: exchange_id: check creds before killing confirmed client 



We mustn't allow a client to destroy another client with established
state unless it has the right credential.

And some minor cleanup.

(Note: our comparison of credentials is actually pretty bogus currently;
that will need to be fixed in another patch.)

Signed-off-by: default avatarJ. Bruce Fields <bfields@redhat.com>
parent 2786cc3a

fs/nfsd/nfs4state.c

+8 −9
Original line number Diff line number Diff line
@@ -1556,6 +1556,14 @@ nfsd4_exchange_id(struct svc_rqst *rqstp, 
			status = nfserr_clid_inuse; /* XXX: ? */

			goto out;

		}

		if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) {

			/* 18.35.4 case 9 */

			if (exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A)

				status = nfserr_perm;

			else /* case 3 */

				status = nfserr_clid_inuse;

			goto out;

		}

		if (!same_verf(&verf, &conf->cl_verifier)) {

			/* 18.35.4 case 8 */

			if (exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A) {
@@ -1566,15 +1574,6 @@ nfsd4_exchange_id(struct svc_rqst *rqstp, 
			expire_client(conf);

			goto out_new;

		}

		if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) {

			/* 18.35.4 case 9 */

			if (exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A) {

				status = nfserr_perm;

				goto out;

			}

			expire_client(conf);

			goto out_new;

		}

		/*

		 * Set bit when the owner id and verifier map to an already

		 * confirmed client id (18.35.3).