From nobody Wed Feb 16 22:59:19 2022 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 0E1F919D7D13; Wed, 16 Feb 2022 22:59:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JzYLH6wcTz3vBg; Wed, 16 Feb 2022 22:59:19 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1645052360; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=IAfYUWlVu3ZFypbwchGMABMUycsG1K6lmDd13IMDBNk=; b=iHWiWWyc8XEbkkuOjY34n571aAdzec5R0Bz5Y60ysPgUsCoCMJBXrLUTLJpl1NyxIhkuJ+ 6OFbSbi1IHOcKVnL+WY1pJQgX0cDYP0D9xKiJzAYJs5V/0Xsz+UuCVa94ce2yxk7WlTbRy Y7PWQgBVDXSMBolltYKbRGSgjGBbSHfG6SHCvlybrg+B9ZXGP2GtM3sDbe5GOoEpU/ewqg qOlAO6l0hL0RHwmlc3EX0Iqh+7XkOVq+0HjTdQ3a4uf/QzDfyacWFQwCjBNRBSlVaP+8HS j2HnyPerphYFDySh0Bx26UApqYmDHdcPJNDIafUhUs4GY0oDlm9bZ6jLm1S/xA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id CD70F1EBB4; Wed, 16 Feb 2022 22:59:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 21GMxJCR053250; Wed, 16 Feb 2022 22:59:19 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 21GMxJH7053249; Wed, 16 Feb 2022 22:59:19 GMT (envelope-from git) Date: Wed, 16 Feb 2022 22:59:19 GMT Message-Id: <202202162259.21GMxJH7053249@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Rick Macklem Subject: git: 59c8b54cc7c1 - stable/12 - nfsd: Allow file owners to perform Open(Delegate_cur) List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: rmacklem X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 59c8b54cc7c17f4ccf571d9a3c2de04d83eec672 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1645052360; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=IAfYUWlVu3ZFypbwchGMABMUycsG1K6lmDd13IMDBNk=; b=pYVZOW4onrfCcBkod/Rq5AJjCZdVmAmg59/KmB0eWBHzKmyiQp2YGbWB0Isceb2yyfjaGZ OWBMge9z/IKpME9kGW1mjJ3lrHoAB9BxGiU9c5WH/VSad3YLF8Zzssy2xePlWFeh3A1vyI QnlyeUoh8qccO5+cZ2ZxjsHF9k1P6VBa6ulxvBgRy4AkV5Xd/btaNrWiZMYYcKv//Xr4wB O34yUxqzFaJfLBSosYK9cWioNUP3q261rjpN1cvZJmDXNv/uVw9hBGDlxLSefiUSiPTAhS DEYTaRNQS71hBgk6P/V9D+8VYHWLBjiAIESaRaCEh3D6WHD370SH5C5F9NU/5g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1645052360; a=rsa-sha256; cv=none; b=I/MLrj0VPqoCCabl7oPwAtzwo5MVewjJwK5Af1ckGOYSY4fwsvKmPmb+dkiVAIUzoFa1XL nhcaE42opNh++kqGnEllBlLjdhR2RG5tsi95N2qLjGFu9gi2UJvUvRfvCxmNhijl2nI7ug UPCCRyu7KadjE2Gc78W9taWjm2zMt61DnCRMef+u5DAns7uZ8dr/58W1T60OWb1nDJUOlj wSpxF+UaZViNdVOTezxmzIK5P2vYXNGQychIbWQ5TxyPgLYo11ilWlWAeH+kzyVVKZEyeF TMTv7dD1XA1a/r+gsGmh0etPJj+AXN3Cf5eMU0xKPtkDJneU1mrBOuBZKWubeg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch stable/12 has been updated by rmacklem: URL: https://cgit.FreeBSD.org/src/commit/?id=59c8b54cc7c17f4ccf571d9a3c2de04d83eec672 commit 59c8b54cc7c17f4ccf571d9a3c2de04d83eec672 Author: Rick Macklem AuthorDate: 2022-02-02 22:10:16 +0000 Commit: Rick Macklem CommitDate: 2022-02-16 22:58:09 +0000 nfsd: Allow file owners to perform Open(Delegate_cur) Commit b0b7d978b6a8 changed the NFSv4 server's default behaviour to check the file's mode or ACL for permission to open the file, to be Linux and Solaris compatible. However, it turns out that Linux makes an exception for the case of Claim_delegate_cur(_fh). When a NFSv4 client is returning a delegation, it must acquire Opens against the server to replace the ones done locally in the client. The client does this via an Open operation with Claim_delegate_cur(_fh). If this operation fails, due to a change to the file's mode or ACL after the delegation was issued, the client does not have any way to retain the open. As such, the Linux client allows the file's owner to perform an Open with Claim_delegate_cur(_fh) no matter what the mode or ACL allows. This patch makes the FreeBSD server allow this case, to be Linux compatible. This patch only affects the case where delegations are enabled, which is not the default. (cherry picked from commit e2fe58d61b7ca95cbe87ce841a87c9ae8cecb47b) --- sys/fs/nfsserver/nfs_nfsdserv.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/sys/fs/nfsserver/nfs_nfsdserv.c b/sys/fs/nfsserver/nfs_nfsdserv.c index afa13b7c8b1a..505ced885561 100644 --- a/sys/fs/nfsserver/nfs_nfsdserv.c +++ b/sys/fs/nfsserver/nfs_nfsdserv.c @@ -3048,12 +3048,14 @@ nfsrvd_open(struct nfsrv_descript *nd, __unused int isdgram, * operation's results to be consistent with NFSv3, but that is * not what the current Linux client appears to be doing. * Since both the Linux and OpenSolaris NFSv4 servers do this check, - * I have enabled it by default. + * I have enabled it by default. Since Linux does not apply this + * check for claim_delegate_cur, this code does the same. * If this semantic change causes a problem, it can be disabled by * setting the sysctl vfs.nfsd.v4openaccess to 0 to re-enable the * previous semantics. */ - if (nfsrv_openaccess && create == NFSV4OPEN_NOCREATE) + if (nfsrv_openaccess && create == NFSV4OPEN_NOCREATE && + (stp->ls_flags & NFSLCK_DELEGCUR) == 0) override = NFSACCCHK_NOOVERRIDE; else override = NFSACCCHK_ALLOWOWNER;