svn commit: r231133 - head/sys/fs/nfsclient
Rick Macklem
rmacklem at FreeBSD.org
Tue Feb 7 16:32:44 UTC 2012
Author: rmacklem
Date: Tue Feb 7 16:32:43 2012
New Revision: 231133
URL: http://svn.freebsd.org/changeset/base/231133
Log:
r228827 fixed a problem where copying of NFSv4 open credentials into
a credential structure would corrupt it. This happened when the
p argument was != NULL. However, I now realize that the copying of
open credentials should only happen for p == NULL, since that indicates
that it is a read-ahead or write-behind. This patch fixes this.
After this commit, r228827 could be reverted, but I think the code is
clearer and safer with the patch, so I am going to leave it in.
Without this patch, it was possible that a NFSv4 VOP_SETATTR() could have
changed the credentials of the caller. This would have happened if
the process doing the VOP_SETATTR() did not have the file open, but
some other process running as a different uid had the file open for writing
at the same time.
MFC after: 5 days
Modified:
head/sys/fs/nfsclient/nfs_clstate.c
Modified: head/sys/fs/nfsclient/nfs_clstate.c
==============================================================================
--- head/sys/fs/nfsclient/nfs_clstate.c Tue Feb 7 16:07:29 2012 (r231132)
+++ head/sys/fs/nfsclient/nfs_clstate.c Tue Feb 7 16:32:43 2012 (r231133)
@@ -559,8 +559,12 @@ nfscl_getstateid(vnode_t vp, u_int8_t *n
NFSUNLOCKCLSTATE();
return (ENOENT);
}
- /* for read aheads or write behinds, use the open cred */
- newnfs_copycred(&op->nfso_cred, cred);
+ /*
+ * For read aheads or write behinds, use the open cred.
+ * A read ahead or write behind is indicated by p == NULL.
+ */
+ if (p == NULL)
+ newnfs_copycred(&op->nfso_cred, cred);
}
/*
More information about the svn-src-all
mailing list