Commit b79e87e0 authored by NeilBrown's avatar NeilBrown Committed by Trond Myklebust
Browse files

NFSv4.1: don't use machine credentials for CLOSE when using 'sec=sys' 



An NFSv4.1 client might close a file after the user who opened it has
logged off.  In this case the user's credentials may no longer be
valid, if they are e.g. kerberos credentials that have expired.

NFSv4.1 has a mechanism to allow the client to use machine credentials
to close a file.  However due to a short-coming in the RFC, a CLOSE
with those credentials may not be possible if the file in question
isn't exported to the same security flavor - the required PUTFH must
be rejected when this is the case.

Specifically if a server and client support kerberos in general and
have used it to form a machine credential, but the file is only
exported to "sec=sys", a PUTFH with the machine credentials will fail,
so CLOSE is not possible.

As RPC_AUTH_UNIX (used by sec=sys) credentials can never expire, there
is no value in using the machine credential in place of them.
So in that case, just use the users credentials for CLOSE etc, as you would
in NFSv4.0

Signed-off-by: default avatarNeil Brown <neilb@suse.com>
Signed-off-by: default avatarNeilBrown <neilb@suse.com>
Signed-off-by: default avatarTrond Myklebust <trond.myklebust@primarydata.com>
parent fd01b259

fs/nfs/nfs4_fs.h

+11 −0
Original line number Original line Diff line number Diff line
@@ -303,6 +303,17 @@ _nfs4_state_protect(struct nfs_client *clp, unsigned long sp4_mode, 
	struct rpc_cred *newcred = NULL;

	struct rpc_cred *newcred = NULL;

	rpc_authflavor_t flavor;

	rpc_authflavor_t flavor;





	if (sp4_mode == NFS_SP4_MACH_CRED_CLEANUP ||

	    sp4_mode == NFS_SP4_MACH_CRED_PNFS_CLEANUP) {

		/* Using machine creds for cleanup operations

		 * is only relevent if the client credentials

		 * might expire. So don't bother for

		 * RPC_AUTH_UNIX.  If file was only exported to

		 * sec=sys, the PUTFH would fail anyway.

		 */

		if ((*clntp)->cl_auth->au_flavor == RPC_AUTH_UNIX)

			return false;

	}

	if (test_bit(sp4_mode, &clp->cl_sp4_flags)) {

	if (test_bit(sp4_mode, &clp->cl_sp4_flags)) {

		spin_lock(&clp->cl_lock);

		spin_lock(&clp->cl_lock);

		if (clp->cl_machine_cred != NULL)

		if (clp->cl_machine_cred != NULL)

CRA Git | Maintained and supported by SUSTech CRA and CCSE