From nobody Wed Feb 02 22:11:17 2022 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 005ED19A9AEC; Wed, 2 Feb 2022 22:11:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JpwxK6cBDz56KX; Wed, 2 Feb 2022 22:11:17 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643839877; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=PVRvvRZtTDIiZovlgwyeD/orXHm/Qa+lbDB+PTq8GyY=; b=HIZRO6UfCVoN514qwFnMINwH58ADpJMaBKKhSCgdgcmhxOuPTek3kzIjJW6URQaOsq7/jf XWRw8Qnyoro5k85ohx5FEkzpFWCwJMl3KCKQbe9pQXC0h3//RbbTbit6YnBZpJJiCpQt4e jct7VUWvndOA3mJIhHgvVtfA2ksxJDQDHeGeRlKYbmwv3SC2Usb4ffCM+4G2bvM/W67A02 uqmoy+dhPlRuiVPKGz6rDbV3PlEp526enY2ppmlD5Q0DH+Q3+aUrRMdoQmOJ5LIWxcsBsy 6rGJOi3G6w79/GpCQLDOSorylJUgCjNg4jOJFNcAGHoeANwhD4a158YeD3P56g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C28014436; Wed, 2 Feb 2022 22:11:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 212MBHBP024355; Wed, 2 Feb 2022 22:11:17 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 212MBHbD024354; Wed, 2 Feb 2022 22:11:17 GMT (envelope-from git) Date: Wed, 2 Feb 2022 22:11:17 GMT Message-Id: <202202022211.212MBHbD024354@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Rick Macklem Subject: git: e2fe58d61b7c - main - nfsd: Allow file owners to perform Open(Delegate_cur) List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: rmacklem X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: e2fe58d61b7ca95cbe87ce841a87c9ae8cecb47b Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643839877; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=PVRvvRZtTDIiZovlgwyeD/orXHm/Qa+lbDB+PTq8GyY=; b=l4Wfpm2q+yb10K9UJ06wg5tZzXFIo82aHvwu6sYbngShe9tJ8yPP/7vIJCXqAzuuzEXlDO QIsSbjlyWLtrvWnvhGmqTAmirm+h0DX1XZrYpNNkV5x3SDLrbiJl7gEVi6Av98p6s7sjna lYRHBzdk44/2TE+DeC20EsZeBeXwScMMLbYy7GvyKM5JARUa+w3ZPZNmHjuDJtpAGgcYC7 zgHn8/NZQfAjNfu6f7/GPPewbUMME4S+Wn9WjbdUmiboovUFAebDfrwCJT1CQo+KSRTUWV hvBwQ5vDqscJpRc0pMJJmmdH4ZK4R/sFU4hGvZM7qYfSMlRWBslKn5BoDgToVg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1643839877; a=rsa-sha256; cv=none; b=XxKCCAJkrSDNDAYnBMsHICCB4GMEGFLCJTILxgV04Ajx9uPOpF4De500bubpkmzqvp06Mm Fbb9iyk+t8MgwNZ8mhYDwTmgU3sdSwB867dvc2GWSYWzE8YEbIach8hWuKl57yalHeC550 th2n1kYjGfCdZyLEov/CRP4frRKIOj+eKmIEESb4yW7dta317VFhTnHKxVAXGpDzFxGejo uJM3tf62l5ef37o4BN+sc/mM/h9pbTZRn3sfQ/XBatdRhSZl2I1BYLHvQ/Ga0TmXlV9wzU mcN9tB5m37QF+YBg0YvqWiS+5Guj9C0D3nbY/n3tt+U6D5OJmN1vwIzEik3vOw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by rmacklem: URL: https://cgit.FreeBSD.org/src/commit/?id=e2fe58d61b7ca95cbe87ce841a87c9ae8cecb47b commit e2fe58d61b7ca95cbe87ce841a87c9ae8cecb47b Author: Rick Macklem AuthorDate: 2022-02-02 22:10:16 +0000 Commit: Rick Macklem CommitDate: 2022-02-02 22:10:16 +0000 nfsd: Allow file owners to perform Open(Delegate_cur) Commit b0b7d978b6a8 changed the NFSv4 server's default behaviour to check the file's mode or ACL for permission to open the file, to be Linux and Solaris compatible. However, it turns out that Linux makes an exception for the case of Claim_delegate_cur(_fh). When a NFSv4 client is returning a delegation, it must acquire Opens against the server to replace the ones done locally in the client. The client does this via an Open operation with Claim_delegate_cur(_fh). If this operation fails, due to a change to the file's mode or ACL after the delegation was issued, the client does not have any way to retain the open. As such, the Linux client allows the file's owner to perform an Open with Claim_delegate_cur(_fh) no matter what the mode or ACL allows. This patch makes the FreeBSD server allow this case, to be Linux compatible. This patch only affects the case where delegations are enabled, which is not the default. MFC after: 2 weeks --- sys/fs/nfsserver/nfs_nfsdserv.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/sys/fs/nfsserver/nfs_nfsdserv.c b/sys/fs/nfsserver/nfs_nfsdserv.c index e5ccbfe7fc37..21d8fe05c0ad 100644 --- a/sys/fs/nfsserver/nfs_nfsdserv.c +++ b/sys/fs/nfsserver/nfs_nfsdserv.c @@ -3133,12 +3133,14 @@ nfsrvd_open(struct nfsrv_descript *nd, __unused int isdgram, * operation's results to be consistent with NFSv3, but that is * not what the current Linux client appears to be doing. * Since both the Linux and OpenSolaris NFSv4 servers do this check, - * I have enabled it by default. + * I have enabled it by default. Since Linux does not apply this + * check for claim_delegate_cur, this code does the same. * If this semantic change causes a problem, it can be disabled by * setting the sysctl vfs.nfsd.v4openaccess to 0 to re-enable the * previous semantics. */ - if (nfsrv_openaccess && create == NFSV4OPEN_NOCREATE) + if (nfsrv_openaccess && create == NFSV4OPEN_NOCREATE && + (stp->ls_flags & NFSLCK_DELEGCUR) == 0) override = NFSACCCHK_NOOVERRIDE; else override = NFSACCCHK_ALLOWOWNER;