From nobody Wed Feb 16 01:01:56 2022 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id CD13719BEA0E; Wed, 16 Feb 2022 01:01:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Jz06D4zpJz4Ymb; Wed, 16 Feb 2022 01:01:56 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1644973316; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tbNpiQiBJQ9Pi5cZao5dca42UlnPHBWMokdcFJaxSnM=; b=SoDsmOxD9fEpZ/Sn5jtWF9ZhuLeBZSvF8aMiFPCtuWk0mp5VioyYg7pWGG675XEoWrA0My 78WQTNm3dyCWXX+FOO4e/+hL27y9a4KcOiDNoScHQfBHEs4aTeXYepLEYP/Vc1wnOb708D yclw89PAH4BFonCgZG4Iv+LgQMEn0I+mOGDv2NHiyfD7jlWRZfocqzIHkfYYS3qkySyIOk nyvYI9OS3ILED51+uW/dUSnSouUYsByW/iRxx7DC9WARTyoae0iaHYPbC7z87frm2RNeJY DM133TUjT1eWnHdlaZBRQhc3/qQlZMcg8Ql3cCJbqkWZQ1FWnkTu0U5lgx/7Hg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8C40548E1; Wed, 16 Feb 2022 01:01:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 21G11umh094451; Wed, 16 Feb 2022 01:01:56 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 21G11uao094450; Wed, 16 Feb 2022 01:01:56 GMT (envelope-from git) Date: Wed, 16 Feb 2022 01:01:56 GMT Message-Id: <202202160101.21G11uao094450@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Rick Macklem Subject: git: 3a42078ae951 - stable/13 - nfsd: Allow file owners to perform Open(Delegate_cur) List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: rmacklem X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 3a42078ae9516aafd8c7917c8c39b69a2e3377b5 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1644973316; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tbNpiQiBJQ9Pi5cZao5dca42UlnPHBWMokdcFJaxSnM=; b=cYjQU6StqTaJky82NrHufM+xlV6mh/c4x0aBhWVpaM6juo35s9dTouZqLwErW+66WtjPdp 8I6LomtvhO37A8vrGvQmwnmw+msyjPWiyCXs8Zn3I0MPfTefUr8lR9DTmigIX09bVhZQV6 1EBWFyVZQkAYp1a2pSs73PhFgm6D3a/+CFrITfCzZLAKPPD2nlCYPSejrAuTjGK98ABM3H Xr1iJaKTFN74gd0Elq1nPWF/yFxYjvTP16uyvifMszVkVjpu9D2xtLsK2UPuHtPasuVznT rdy+2nUdU4Gd0DR7cPVwPgxcu8V4ZMbH3TVphrRGLRfuO73Wzcz2n2IjvN1/pQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1644973316; a=rsa-sha256; cv=none; b=Z22PzBgabUC4XIq8Oxr+qtu/dVKfCmzlmRJYdvhMRVKO14Mxhr6WrB+7FyHgS28+Hlwk90 n4vnQUs+fbGuMewixS6vn099fY8z/mXDR7VvYmKn0A6VARyTNp/dX8IrjtJGZtY9T7/mve fpi2iiZGXXqrJCUQGbcke9fYtcVFg9mWisuQ8iXmTaoFB7OO55MIh4HmmU4i6v72sYS7I2 V0oF1vwDI/zFqT7woKQG3NobHz2UF3R35wIN50lGlROTg94WrRhuGiRZxo/b/bt2Rv5bvV lAMBbqhW9/JdIKDudhn3vT8GrSAwtAe+FTaVb+uWZ57khPrp74HrYKen/4kEtg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by rmacklem: URL: https://cgit.FreeBSD.org/src/commit/?id=3a42078ae9516aafd8c7917c8c39b69a2e3377b5 commit 3a42078ae9516aafd8c7917c8c39b69a2e3377b5 Author: Rick Macklem AuthorDate: 2022-02-02 22:10:16 +0000 Commit: Rick Macklem CommitDate: 2022-02-16 01:00:47 +0000 nfsd: Allow file owners to perform Open(Delegate_cur) Commit b0b7d978b6a8 changed the NFSv4 server's default behaviour to check the file's mode or ACL for permission to open the file, to be Linux and Solaris compatible. However, it turns out that Linux makes an exception for the case of Claim_delegate_cur(_fh). When a NFSv4 client is returning a delegation, it must acquire Opens against the server to replace the ones done locally in the client. The client does this via an Open operation with Claim_delegate_cur(_fh). If this operation fails, due to a change to the file's mode or ACL after the delegation was issued, the client does not have any way to retain the open. As such, the Linux client allows the file's owner to perform an Open with Claim_delegate_cur(_fh) no matter what the mode or ACL allows. This patch makes the FreeBSD server allow this case, to be Linux compatible. This patch only affects the case where delegations are enabled, which is not the default. (cherry picked from commit e2fe58d61b7ca95cbe87ce841a87c9ae8cecb47b) --- sys/fs/nfsserver/nfs_nfsdserv.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/sys/fs/nfsserver/nfs_nfsdserv.c b/sys/fs/nfsserver/nfs_nfsdserv.c index 438e5b00c8d0..d72716ce7fd8 100644 --- a/sys/fs/nfsserver/nfs_nfsdserv.c +++ b/sys/fs/nfsserver/nfs_nfsdserv.c @@ -3133,12 +3133,14 @@ nfsrvd_open(struct nfsrv_descript *nd, __unused int isdgram, * operation's results to be consistent with NFSv3, but that is * not what the current Linux client appears to be doing. * Since both the Linux and OpenSolaris NFSv4 servers do this check, - * I have enabled it by default. + * I have enabled it by default. Since Linux does not apply this + * check for claim_delegate_cur, this code does the same. * If this semantic change causes a problem, it can be disabled by * setting the sysctl vfs.nfsd.v4openaccess to 0 to re-enable the * previous semantics. */ - if (nfsrv_openaccess && create == NFSV4OPEN_NOCREATE) + if (nfsrv_openaccess && create == NFSV4OPEN_NOCREATE && + (stp->ls_flags & NFSLCK_DELEGCUR) == 0) override = NFSACCCHK_NOOVERRIDE; else override = NFSACCCHK_ALLOWOWNER;