From nobody Sun Jan 29 02:52:28 2023 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4P4G7d2ndpz3c36n; Sun, 29 Jan 2023 02:52:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4P4G7d1FFvz40sj; Sun, 29 Jan 2023 02:52:29 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1674960749; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=zuUsrDgNRn+M/JbMpVoCkWQww4BEK6ZelEbpleKrfEk=; b=tgj5X8ZVa7ek3zGvJowdVUxWIcpsOdEdgnlhRBis91V+5aU3rjwJkEUn+VW9eqsz42Yln8 3p4Sff4H2CdMuJCl+F6TgeEihuryE5E0w3DrbXHSXiPyMG4lU+uOBqbcFMb/4ZgEC0equT L2Xu5AFuybfHXcysbKM60CDOFYyuuE5imDoUPHX7Kz6Djfh+QlwoEYy7zRQqVxrDb9hAB3 YrDTdJD5NpZvIHmeoALROD998FMB6JBafDyLW1axrwdKqTd2Aya3bzX+8Vu4NkwvoVHXww ZgFnvoyMEMANII9X5zswe288uCxDrIRt5pI4tMNYZZEwe5UV12TSiLZkutgMxw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1674960749; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=zuUsrDgNRn+M/JbMpVoCkWQww4BEK6ZelEbpleKrfEk=; b=lACcJM1dosR39vvYHe1kHPDx0dvjcPwYyfZtpc+bMR0zkGHNoSDg7Py2ALDIVp7RN4wNoH PJ2isJwqZvPWApCI75xLCCNYk7MjzDa+G8hhKV+yAKKroC7j/YlFNM+bhtBnSEIvGsrACF pLmfTdoLCmHwunChbPx5OG2dnTqZSvFCrxuB/v0dXee9Q4LYRh3LCnsnxBWlqT0EprooWY bsz14eAmKOEkTsfpaPkO7z73KL6Gvey/XaH+LB2uCRRAbZDXFKRKJsjDrbPNhC27bpfTzc 3hEKMd5F+IigRTVa8brA5zDLj5kdcIP+3gzwCkkcokKu8ioEXr8NloPNTkqxRA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1674960749; a=rsa-sha256; cv=none; b=L518LCfU71CznC7S3JWlVcq7DE8LZ+JE+7dKIJccq/zepkDph3lKt6yswIAEzGV/HFDpmg jzKM7dZ1hMla/ZXSFISycmLtk2IN3jEOT7Udc70ReDgp7+pyvDv59fnyu63a3qOUXWH13a UHwkohnAGMjhjpc6+p1MyTRiv9PU3eVG9amKMZJ6Qlcj/oZzPclsIw2n5iP0Kfq/hxeODl Ezv9lGrQGJf0tFZ7XLE9JWTeSDHgDzhhkVkHXv8wlgRyvrkWoU1QMhAkeMx5xrx7MajGIl dL49DzJV7XZIPIO586xpID3hOZY/k+wcoTiiy1s+st9C3Q7wujT8gekwtadxsg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4P4G7d03zWz1CYP; Sun, 29 Jan 2023 02:52:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 30T2qSQ5021427; Sun, 29 Jan 2023 02:52:28 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 30T2qSwa021426; Sun, 29 Jan 2023 02:52:28 GMT (envelope-from git) Date: Sun, 29 Jan 2023 02:52:28 GMT Message-Id: <202301290252.30T2qSwa021426@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Rick Macklem Subject: git: c16c7b399645 - stable/13 - nfsserver: Fix handling of SP4_NONE List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: rmacklem X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: c16c7b399645519b3b5a3999a5283eed088d6fed Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by rmacklem: URL: https://cgit.FreeBSD.org/src/commit/?id=c16c7b399645519b3b5a3999a5283eed088d6fed commit c16c7b399645519b3b5a3999a5283eed088d6fed Author: Rick Macklem AuthorDate: 2023-01-15 22:07:40 +0000 Commit: Rick Macklem CommitDate: 2023-01-29 02:51:02 +0000 nfsserver: Fix handling of SP4_NONE For NFSv4.1/4.2, when the client specifies SP4_NONE for state protection in the ExchangeID operation arguments, the server MUST allow the state management operations for any user credentials. (I misread the RFC and thought that SP4_NONE meant "at the server's discression" and not MUST be allowed.) This means that the "sec=XXX" field of the "V4:" exports(5) line only applies to NFSv4.0. This patch fixes the server to always allow state management operations for SP4_NONE, which is the only state management option currently supported. (I have patches that add support for SP4_MACH_CRED to the server. These will be in a future commit.) In practice, this bug does not seem to have caused interoperability problems. (cherry picked from commit 5a0050e68a54353af53ac28df90854797ebbef16) --- sys/fs/nfsserver/nfs_nfsdstate.c | 7 ++++++- sys/fs/nfsserver/nfs_nfsdsubs.c | 8 ++++++++ 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/sys/fs/nfsserver/nfs_nfsdstate.c b/sys/fs/nfsserver/nfs_nfsdstate.c index d7dd69dad9d7..26bdeb1c641f 100644 --- a/sys/fs/nfsserver/nfs_nfsdstate.c +++ b/sys/fs/nfsserver/nfs_nfsdstate.c @@ -5867,12 +5867,17 @@ nfsrv_throwawayopens(NFSPROC_T *p) /* * This function checks to see if the credentials are the same. - * Returns 1 for not same, 0 otherwise. + * The check for same credentials is needed for state management operations + * for NFSv4.0 where 1 is returned if not same, 0 is returned otherwise. */ static int nfsrv_notsamecredname(struct nfsrv_descript *nd, struct nfsclient *clp) { + /* For NFSv4.1/4.2, SP4_NONE always allows this. */ + if ((nd->nd_flag & ND_NFSV41) != 0) + return (0); + if (nd->nd_flag & ND_GSS) { if (!(clp->lc_flags & LCL_GSS)) return (1); diff --git a/sys/fs/nfsserver/nfs_nfsdsubs.c b/sys/fs/nfsserver/nfs_nfsdsubs.c index ca691941ed0d..20f62211f53e 100644 --- a/sys/fs/nfsserver/nfs_nfsdsubs.c +++ b/sys/fs/nfsserver/nfs_nfsdsubs.c @@ -2121,6 +2121,14 @@ nfsd_checkrootexp(struct nfsrv_descript *nd) if (nfs_rootfhset == 0) return (NFSERR_AUTHERR | AUTH_FAILED); + /* + * For NFSv4.1/4.2, if the client specifies SP4_NONE, then these + * operations are allowed regardless of the value of the "sec=XXX" + * field in the V4: exports line. + * As such, these Kerberos checks only apply to NFSv4.0 mounts. + */ + if ((nd->nd_flag & ND_NFSV41) != 0) + goto checktls; if ((nd->nd_flag & (ND_GSS | ND_EXAUTHSYS)) == ND_EXAUTHSYS) goto checktls; if ((nd->nd_flag & (ND_GSSINTEGRITY | ND_EXGSSINTEGRITY)) ==