Changeset View
Standalone View
sys/fs/nfsserver/nfs_nfsdkrpc.c
Show All 40 Lines | |||||
#include <fs/nfs/nfsport.h> | #include <fs/nfs/nfsport.h> | ||||
#include <rpc/rpc.h> | #include <rpc/rpc.h> | ||||
#include <rpc/rpcsec_gss.h> | #include <rpc/rpcsec_gss.h> | ||||
#include <fs/nfsserver/nfs_fha_new.h> | #include <fs/nfsserver/nfs_fha_new.h> | ||||
#include <security/audit/audit.h> | |||||
#include <security/mac/mac_framework.h> | #include <security/mac/mac_framework.h> | ||||
NFSDLOCKMUTEX; | NFSDLOCKMUTEX; | ||||
NFSV4ROOTLOCKMUTEX; | NFSV4ROOTLOCKMUTEX; | ||||
struct nfsv4lock nfsd_suspend_lock; | struct nfsv4lock nfsd_suspend_lock; | ||||
char *nfsrv_zeropnfsdat = NULL; | char *nfsrv_zeropnfsdat = NULL; | ||||
/* | /* | ||||
▲ Show 20 Lines • Show All 320 Lines • ▼ Show 20 Lines | nfs_proc(struct nfsrv_descript *nd, u_int32_t xid, SVCXPRT *xprt, | ||||
* Handle the request. There are three cases. | * Handle the request. There are three cases. | ||||
* RC_DOIT - do the RPC | * RC_DOIT - do the RPC | ||||
* RC_REPLY - return the reply already created | * RC_REPLY - return the reply already created | ||||
* RC_DROPIT - just throw the request away | * RC_DROPIT - just throw the request away | ||||
*/ | */ | ||||
if (cacherep == RC_DOIT) { | if (cacherep == RC_DOIT) { | ||||
if ((nd->nd_flag & ND_NFSV41) != 0) | if ((nd->nd_flag & ND_NFSV41) != 0) | ||||
nd->nd_xprt = xprt; | nd->nd_xprt = xprt; | ||||
AUDIT_NFSRPC_ENTER(nd, curthread); | |||||
asomers: What's different about NFSv4 here? | |||||
Done Inline Actionsshivank: NFSv4 audit support is in separate feature branch [[ https://github. | |||||
Done Inline ActionsI get it. NFSv4 goes through this code path, but it's pointless to audit arguments for the compound RPC. You'll audit the operations instead. asomers: I get it. NFSv4 goes through this code path, but it's pointless to audit arguments for the… | |||||
AUDIT_NFSARG_NETSOCKADDR(nd, nd->nd_nam); | |||||
nfsrvd_dorpc(nd, isdgram, tagstr, taglen, minorvers); | nfsrvd_dorpc(nd, isdgram, tagstr, taglen, minorvers); | ||||
Done Inline ActionsThis code will only audit one of the two nd_nam fields. But both fields can be used at the same time. Can you audit both instead? asomers: This code will only audit one of the two nd_nam fields. But both fields can be used at the… | |||||
Done Inline Actionsnd.nd_nam = svc_getrpccaller(rqst); nd.nd_nam2 = rqst->rq_addr; and, #define svc_getrpccaller(rq) \ ((rq)->rq_addr ? (rq)->rq_addr : \ (struct sockaddr *) &(rq)->rq_xprt->xp_rtaddr) So, when(TCP) nd_nam2 == NULL, nd_nam is client sockaddr. And, when(UDP) nd_nam2 != NULL, nd_nam and nd_nam2 are same. Therefore, Only one need to be audited. shivank: ```
nd.nd_nam = svc_getrpccaller(rqst);
nd.nd_nam2 = rqst->rq_addr;
```
and,
```
#define… | |||||
Done Inline ActionsHm, it looks like nd_nam2 is really just a glorified boolean: it's either null or not null. So we could audit it that way. The comment says that it indicates whether the mount uses TCP. But from a security auditing perspective, who cares? I think you should just ignore it. asomers: Hm, it looks like nd_nam2 is really just a glorified boolean: it's either null or not null. So… | |||||
Done Inline ActionsYep. If you really want the history behind this, it goes something like this... For TCP (it was the first NFS over TCP implementation ever done as far as I know), Since the code used the client address for exports checking, the one in the mbuf This was all long before the kernel RPC came along and nd_nam2 has just lived on. rmacklem: Yep. If you really want the history behind this, it goes something like this...
A few years ago… | |||||
AUDIT_NFSRPC_EXIT(nd, curthread); | |||||
if ((nd->nd_flag & ND_NFSV41) != 0) { | if ((nd->nd_flag & ND_NFSV41) != 0) { | ||||
if (nd->nd_repstat != NFSERR_REPLYFROMCACHE && | if (nd->nd_repstat != NFSERR_REPLYFROMCACHE && | ||||
(nd->nd_flag & ND_SAVEREPLY) != 0) { | (nd->nd_flag & ND_SAVEREPLY) != 0) { | ||||
/* Cache a copy of the reply. */ | /* Cache a copy of the reply. */ | ||||
m = m_copym(nd->nd_mreq, 0, M_COPYALL, | m = m_copym(nd->nd_mreq, 0, M_COPYALL, | ||||
M_WAITOK); | M_WAITOK); | ||||
} else | } else | ||||
m = NULL; | m = NULL; | ||||
▲ Show 20 Lines • Show All 202 Lines • Show Last 20 Lines |
What's different about NFSv4 here?