summaryrefslogtreecommitdiffstats
path: root/fs/nfsd/state.h
diff options
context:
space:
mode:
authorJ. Bruce Fields <bfields@redhat.com>2017-10-18 02:38:49 +0200
committerJ. Bruce Fields <bfields@redhat.com>2017-11-07 22:43:57 +0100
commit53da6a53e1d414e05759fa59b7032ee08f4e22d7 (patch)
tree807444a8d846c3f14fc988d7d73b9982ef8bb337 /fs/nfsd/state.h
parentnfsd4: fix cached replies to solo SEQUENCE compounds (diff)
downloadlinux-53da6a53e1d414e05759fa59b7032ee08f4e22d7.tar.xz
linux-53da6a53e1d414e05759fa59b7032ee08f4e22d7.zip
nfsd4: catch some false session retries
The spec allows us to return NFS4ERR_SEQ_FALSE_RETRY if we notice that the client is making a call that matches a previous (slot, seqid) pair but that *isn't* actually a replay, because some detail of the call doesn't actually match the previous one. Catching every such case is difficult, but we may as well catch a few easy ones. This also handles the case described in the previous patch, in a different way. The spec does however require us to catch the case where the difference is in the rpc credentials. This prevents somebody from snooping another user's replies by fabricating retries. (But the practical value of the attack is limited by the fact that the replies with the most sensitive data are READ replies, which are not normally cached.) Tested-by: Olga Kornievskaia <aglo@umich.edu> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Diffstat (limited to 'fs/nfsd/state.h')
-rw-r--r--fs/nfsd/state.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/fs/nfsd/state.h b/fs/nfsd/state.h
index 2488b7df1b35..86aa92d200e1 100644
--- a/fs/nfsd/state.h
+++ b/fs/nfsd/state.h
@@ -169,6 +169,7 @@ static inline struct nfs4_delegation *delegstateid(struct nfs4_stid *s)
struct nfsd4_slot {
u32 sl_seqid;
__be32 sl_status;
+ struct svc_cred sl_cred;
u32 sl_datalen;
u16 sl_opcnt;
#define NFSD4_SLOT_INUSE (1 << 0)