提交 7bab377f 编写于 作者: T Trond Myklebust

lockd: Don't expose the process pid to the NLM server

Instead we use the nlm_lockowner->pid.
Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
上级 36943fa4
...@@ -125,7 +125,15 @@ u32 nlmclnt_grant(const struct sockaddr_in *addr, const struct nlm_lock *lock) ...@@ -125,7 +125,15 @@ u32 nlmclnt_grant(const struct sockaddr_in *addr, const struct nlm_lock *lock)
list_for_each_entry(block, &nlm_blocked, b_list) { list_for_each_entry(block, &nlm_blocked, b_list) {
struct file_lock *fl_blocked = block->b_lock; struct file_lock *fl_blocked = block->b_lock;
if (!nlm_compare_locks(fl_blocked, fl)) if (fl_blocked->fl_start != fl->fl_start)
continue;
if (fl_blocked->fl_end != fl->fl_end)
continue;
/*
* Careful! The NLM server will return the 32-bit "pid" that
* we put on the wire: in this case the lockowner "pid".
*/
if (fl_blocked->fl_u.nfs_fl.owner->pid != lock->svid)
continue; continue;
if (!nlm_cmp_addr(&block->b_host->h_addr, addr)) if (!nlm_cmp_addr(&block->b_host->h_addr, addr))
continue; continue;
......
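Review bot: The new owner check in nlmclnt_grant dereferences `fl_blocked->fl_u.nfs_fl.owner` for every entry on `nlm_blocked`, and nothing in the visible lines establishes that the pointer is always set. The loop runs while handling a GRANTED callback that arrives from the network, so a blocked lock without an owner would turn a remote message into a NULL dereference. Either state the invariant in the existing comment, e.g. `/* every lock queued on nlm_blocked has fl_u.nfs_fl.owner set */`, or guard it with `if (fl_blocked->fl_u.nfs_fl.owner == NULL) continue;`. The definition of nlm_compare_locks is not on this page, so it is worth confirming that the open-coded start/end/owner test does not drop a field the helper used to compare. The loop body continues past the end of the hunk.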
...@@ -132,8 +132,10 @@ static void nlmclnt_setlockargs(struct nlm_rqst *req, struct file_lock *fl) ...@@ -132,8 +132,10 @@ static void nlmclnt_setlockargs(struct nlm_rqst *req, struct file_lock *fl)
memcpy(&lock->fh, NFS_FH(fl->fl_file->f_dentry->d_inode), sizeof(struct nfs_fh)); memcpy(&lock->fh, NFS_FH(fl->fl_file->f_dentry->d_inode), sizeof(struct nfs_fh));
lock->caller = system_utsname.nodename; lock->caller = system_utsname.nodename;
lock->oh.data = req->a_owner; lock->oh.data = req->a_owner;
lock->oh.len = sprintf(req->a_owner, "%d@%s", lock->oh.len = snprintf(req->a_owner, sizeof(req->a_owner), "%u@%s",
current->pid, system_utsname.nodename); (unsigned int)fl->fl_u.nfs_fl.owner->pid,
system_utsname.nodename);
lock->svid = fl->fl_u.nfs_fl.owner->pid;
locks_copy_lock(&lock->fl, fl); locks_copy_lock(&lock->fl, fl);
} }
...@@ -159,6 +161,7 @@ nlmclnt_setgrantargs(struct nlm_rqst *call, struct nlm_lock *lock) ...@@ -159,6 +161,7 @@ nlmclnt_setgrantargs(struct nlm_rqst *call, struct nlm_lock *lock)
/* set default data area */ /* set default data area */
call->a_args.lock.oh.data = call->a_owner; call->a_args.lock.oh.data = call->a_owner;
call->a_args.lock.svid = lock->fl.fl_pid;
if (lock->oh.len > NLMCLNT_OHSIZE) { if (lock->oh.len > NLMCLNT_OHSIZE) {
void *data = kmalloc(lock->oh.len, GFP_KERNEL); void *data = kmalloc(lock->oh.len, GFP_KERNEL);
......
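Review bot: `lock->oh.len` in nlmclnt_setlockargs is taken from the return value of `snprintf`, which is the length the formatted string would have had, not the number of bytes actually stored in `req->a_owner`. If a ten-digit owner id plus `@` plus a maximum-length nodename does not fit (the size of `a_owner` is not visible here), `oh.len` ends up larger than the buffer contents and the owner-handle encoder would read past them onto the wire. Use the kernel's truncation-aware variant, `lock->oh.len = scnprintf(req->a_owner, sizeof(req->a_owner), "%u@%s", ...)`, or clamp the result to `sizeof(req->a_owner) - 1`. The function starts above the hunk.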
...@@ -397,6 +397,7 @@ nlmsvc_testlock(struct nlm_file *file, struct nlm_lock *lock, ...@@ -397,6 +397,7 @@ nlmsvc_testlock(struct nlm_file *file, struct nlm_lock *lock,
(long long)fl->fl_end); (long long)fl->fl_end);
conflock->caller = "somehost"; /* FIXME */ conflock->caller = "somehost"; /* FIXME */
conflock->oh.len = 0; /* don't return OH info */ conflock->oh.len = 0; /* don't return OH info */
conflock->svid = fl->fl_pid;
conflock->fl = *fl; conflock->fl = *fl;
return nlm_lck_denied; return nlm_lck_denied;
} }
......
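Review bot: `conflock->svid = fl->fl_pid` in nlmsvc_testlock sends the conflicting lock's `fl_pid` back to the client with no comment on what that value represents. The commit stops the client from putting a process pid on the wire, but if the conflicting holder is a local process on the server, this line presumably still reports its pid to the remote caller. A comment such as `/* id of the conflicting holder as reported to the client; a local pid if the lock is held locally */` would record that, or a fixed value could be substituted if the disclosure is not wanted. The function body starts outside the hunk.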
...@@ -131,10 +131,11 @@ nlm_decode_lock(u32 *p, struct nlm_lock *lock) ...@@ -131,10 +131,11 @@ nlm_decode_lock(u32 *p, struct nlm_lock *lock)
|| !(p = nlm_decode_fh(p, &lock->fh)) || !(p = nlm_decode_fh(p, &lock->fh))
|| !(p = nlm_decode_oh(p, &lock->oh))) || !(p = nlm_decode_oh(p, &lock->oh)))
return NULL; return NULL;
lock->svid = ntohl(*p++);
locks_init_lock(fl); locks_init_lock(fl);
fl->fl_owner = current->files; fl->fl_owner = current->files;
fl->fl_pid = ntohl(*p++); fl->fl_pid = (pid_t)lock->svid;
fl->fl_flags = FL_POSIX; fl->fl_flags = FL_POSIX;
fl->fl_type = F_RDLCK; /* as good as anything else */ fl->fl_type = F_RDLCK; /* as good as anything else */
start = ntohl(*p++); start = ntohl(*p++);
...@@ -174,7 +175,7 @@ nlm_encode_lock(u32 *p, struct nlm_lock *lock) ...@@ -174,7 +175,7 @@ nlm_encode_lock(u32 *p, struct nlm_lock *lock)
else else
len = loff_t_to_s32(fl->fl_end - fl->fl_start + 1); len = loff_t_to_s32(fl->fl_end - fl->fl_start + 1);
*p++ = htonl(fl->fl_pid); *p++ = htonl(lock->svid);
*p++ = htonl(start); *p++ = htonl(start);
*p++ = htonl(len); *p++ = htonl(len);
...@@ -197,7 +198,7 @@ nlm_encode_testres(u32 *p, struct nlm_res *resp) ...@@ -197,7 +198,7 @@ nlm_encode_testres(u32 *p, struct nlm_res *resp)
struct file_lock *fl = &resp->lock.fl; struct file_lock *fl = &resp->lock.fl;
*p++ = (fl->fl_type == F_RDLCK)? xdr_zero : xdr_one; *p++ = (fl->fl_type == F_RDLCK)? xdr_zero : xdr_one;
*p++ = htonl(fl->fl_pid); *p++ = htonl(resp->lock.svid);
/* Encode owner handle. */ /* Encode owner handle. */
if (!(p = xdr_encode_netobj(p, &resp->lock.oh))) if (!(p = xdr_encode_netobj(p, &resp->lock.oh)))
...@@ -298,7 +299,8 @@ nlmsvc_decode_shareargs(struct svc_rqst *rqstp, u32 *p, nlm_args *argp) ...@@ -298,7 +299,8 @@ nlmsvc_decode_shareargs(struct svc_rqst *rqstp, u32 *p, nlm_args *argp)
memset(lock, 0, sizeof(*lock)); memset(lock, 0, sizeof(*lock));
locks_init_lock(&lock->fl); locks_init_lock(&lock->fl);
lock->fl.fl_pid = ~(u32) 0; lock->svid = ~(u32) 0;
lock->fl.fl_pid = (pid_t)lock->svid;
if (!(p = nlm_decode_cookie(p, &argp->cookie)) if (!(p = nlm_decode_cookie(p, &argp->cookie))
|| !(p = xdr_decode_string_inplace(p, &lock->caller, || !(p = xdr_decode_string_inplace(p, &lock->caller,
...@@ -415,7 +417,8 @@ nlmclt_decode_testres(struct rpc_rqst *req, u32 *p, struct nlm_res *resp) ...@@ -415,7 +417,8 @@ nlmclt_decode_testres(struct rpc_rqst *req, u32 *p, struct nlm_res *resp)
memset(&resp->lock, 0, sizeof(resp->lock)); memset(&resp->lock, 0, sizeof(resp->lock));
locks_init_lock(fl); locks_init_lock(fl);
excl = ntohl(*p++); excl = ntohl(*p++);
fl->fl_pid = ntohl(*p++); resp->lock.svid = ntohl(*p++);
fl->fl_pid = (pid_t)resp->lock.svid;
if (!(p = nlm_decode_oh(p, &resp->lock.oh))) if (!(p = nlm_decode_oh(p, &resp->lock.oh)))
return -EIO; return -EIO;
......
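Review bot: The decode paths (`nlm_decode_lock`, `nlmclt_decode_testres`) store the 32-bit value read from the wire in `svid` and then force it into `fl_pid` with a `(pid_t)` cast, which silences the signedness change rather than documenting it. A peer-chosen value with the top bit set becomes a negative `fl_pid`, and nothing on this page shows how later users of `fl_pid` treat that. A short comment at the cast would help, e.g. `/* remote owner id, not a local pid; may be negative after the cast */`. The same pattern appears in `nlm4_decode_lock` and `nlm4clt_decode_testres`, and in both `*_decode_shareargs` functions, where `~(u32) 0` presumably ends up as -1 in `fl_pid`.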
...@@ -130,10 +130,11 @@ nlm4_decode_lock(u32 *p, struct nlm_lock *lock) ...@@ -130,10 +130,11 @@ nlm4_decode_lock(u32 *p, struct nlm_lock *lock)
|| !(p = nlm4_decode_fh(p, &lock->fh)) || !(p = nlm4_decode_fh(p, &lock->fh))
|| !(p = nlm4_decode_oh(p, &lock->oh))) || !(p = nlm4_decode_oh(p, &lock->oh)))
return NULL; return NULL;
lock->svid = ntohl(*p++);
locks_init_lock(fl); locks_init_lock(fl);
fl->fl_owner = current->files; fl->fl_owner = current->files;
fl->fl_pid = ntohl(*p++); fl->fl_pid = (pid_t)lock->svid;
fl->fl_flags = FL_POSIX; fl->fl_flags = FL_POSIX;
fl->fl_type = F_RDLCK; /* as good as anything else */ fl->fl_type = F_RDLCK; /* as good as anything else */
p = xdr_decode_hyper(p, &start); p = xdr_decode_hyper(p, &start);
...@@ -167,7 +168,7 @@ nlm4_encode_lock(u32 *p, struct nlm_lock *lock) ...@@ -167,7 +168,7 @@ nlm4_encode_lock(u32 *p, struct nlm_lock *lock)
|| (fl->fl_end > NLM4_OFFSET_MAX && fl->fl_end != OFFSET_MAX)) || (fl->fl_end > NLM4_OFFSET_MAX && fl->fl_end != OFFSET_MAX))
return NULL; return NULL;
*p++ = htonl(fl->fl_pid); *p++ = htonl(lock->svid);
start = loff_t_to_s64(fl->fl_start); start = loff_t_to_s64(fl->fl_start);
if (fl->fl_end == OFFSET_MAX) if (fl->fl_end == OFFSET_MAX)
...@@ -198,7 +199,7 @@ nlm4_encode_testres(u32 *p, struct nlm_res *resp) ...@@ -198,7 +199,7 @@ nlm4_encode_testres(u32 *p, struct nlm_res *resp)
struct file_lock *fl = &resp->lock.fl; struct file_lock *fl = &resp->lock.fl;
*p++ = (fl->fl_type == F_RDLCK)? xdr_zero : xdr_one; *p++ = (fl->fl_type == F_RDLCK)? xdr_zero : xdr_one;
*p++ = htonl(fl->fl_pid); *p++ = htonl(resp->lock.svid);
/* Encode owner handle. */ /* Encode owner handle. */
if (!(p = xdr_encode_netobj(p, &resp->lock.oh))) if (!(p = xdr_encode_netobj(p, &resp->lock.oh)))
...@@ -212,8 +213,8 @@ nlm4_encode_testres(u32 *p, struct nlm_res *resp) ...@@ -212,8 +213,8 @@ nlm4_encode_testres(u32 *p, struct nlm_res *resp)
p = xdr_encode_hyper(p, start); p = xdr_encode_hyper(p, start);
p = xdr_encode_hyper(p, len); p = xdr_encode_hyper(p, len);
dprintk("xdr: encode_testres (status %d pid %d type %d start %Ld end %Ld)\n", dprintk("xdr: encode_testres (status %u pid %d type %d start %Ld end %Ld)\n",
resp->status, fl->fl_pid, fl->fl_type, resp->status, (int)resp->lock.svid, fl->fl_type,
(long long)fl->fl_start, (long long)fl->fl_end); (long long)fl->fl_start, (long long)fl->fl_end);
} }
...@@ -303,7 +304,8 @@ nlm4svc_decode_shareargs(struct svc_rqst *rqstp, u32 *p, nlm_args *argp) ...@@ -303,7 +304,8 @@ nlm4svc_decode_shareargs(struct svc_rqst *rqstp, u32 *p, nlm_args *argp)
memset(lock, 0, sizeof(*lock)); memset(lock, 0, sizeof(*lock));
locks_init_lock(&lock->fl); locks_init_lock(&lock->fl);
lock->fl.fl_pid = ~(u32) 0; lock->svid = ~(u32) 0;
lock->fl.fl_pid = (pid_t)lock->svid;
if (!(p = nlm4_decode_cookie(p, &argp->cookie)) if (!(p = nlm4_decode_cookie(p, &argp->cookie))
|| !(p = xdr_decode_string_inplace(p, &lock->caller, || !(p = xdr_decode_string_inplace(p, &lock->caller,
...@@ -420,7 +422,8 @@ nlm4clt_decode_testres(struct rpc_rqst *req, u32 *p, struct nlm_res *resp) ...@@ -420,7 +422,8 @@ nlm4clt_decode_testres(struct rpc_rqst *req, u32 *p, struct nlm_res *resp)
memset(&resp->lock, 0, sizeof(resp->lock)); memset(&resp->lock, 0, sizeof(resp->lock));
locks_init_lock(fl); locks_init_lock(fl);
excl = ntohl(*p++); excl = ntohl(*p++);
fl->fl_pid = ntohl(*p++); resp->lock.svid = ntohl(*p++);
fl->fl_pid = (pid_t)resp->lock.svid;
if (!(p = nlm4_decode_oh(p, &resp->lock.oh))) if (!(p = nlm4_decode_oh(p, &resp->lock.oh)))
return -EIO; return -EIO;
......
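Review bot: The debug line in nlm4_encode_testres prints the owner id as `(int)resp->lock.svid` with `%d`, while nlmclnt_setlockargs formats the same quantity with `%u` in the owner handle. An id above INT_MAX then shows up negative in the log and no longer matches the `<id>@<host>` string, which makes lockd debug output harder to correlate. Since `svid` is declared `u32`, `pid %u` with a plain `resp->lock.svid` argument would keep the two consistent.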
...@@ -28,6 +28,7 @@ struct nlm_lock { ...@@ -28,6 +28,7 @@ struct nlm_lock {
int len; /* length of "caller" */ int len; /* length of "caller" */
struct nfs_fh fh; struct nfs_fh fh;
struct xdr_netobj oh; struct xdr_netobj oh;
u32 svid;
struct file_lock fl; struct file_lock fl;
}; };
......
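Review bot: The new `svid` field has no comment, although the encoders now send `lock->svid` instead of `fl.fl_pid`, so every place that fills a `struct nlm_lock` has to set it. The producers visible in this commit do, but any path outside the diff that builds the struct without zeroing it would put an uninitialised word on the wire. Suggest `u32 svid; /* owner id as sent on the wire; must be set before encoding */`, together with a check of the remaining users of the struct.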