Message ID | 20210927231217.116193-3-cascardo@canonical.com |
---|---|
State | New |
Headers | show |
Series | [SRU,HWE-5.8] NFSv4: Initialise connection to the server in nfs4_alloc_client() | expand |
On 28.09.21 01:12, Thadeu Lima de Souza Cascardo wrote: > From: Trond Myklebust <trond.myklebust@hammerspace.com> > > Set up the connection to the NFSv4 server in nfs4_alloc_client(), before > we've added the struct nfs_client to the net-namespace's nfs_client_list > so that a downed server won't cause other mounts to hang in the trunking > detection code. > > Reported-by: Michael Wakabayashi <mwakabayashi@vmware.com> > Fixes: 5c6e5b60aae4 ("NFS: Fix an Oops in the pNFS files and flexfiles connection setup to the DS") > Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com> > (cherry picked from commit dd99e9f98fbf423ff6d365b37a98e8879170f17c) > CVE-2021-38199 > Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com> > --- Applied to focal:linux-hwe-5.8/hwe-5.8. Thanks. -Stefan > fs/nfs/nfs4client.c | 82 +++++++++++++++++++++++---------------------- > 1 file changed, 42 insertions(+), 40 deletions(-) > > diff --git a/fs/nfs/nfs4client.c b/fs/nfs/nfs4client.c > index 13157bfd9414..8b354c15ae0d 100644 > --- a/fs/nfs/nfs4client.c > +++ b/fs/nfs/nfs4client.c > @@ -197,8 +197,11 @@ void nfs40_shutdown_client(struct nfs_client *clp) > > struct nfs_client *nfs4_alloc_client(const struct nfs_client_initdata *cl_init) > { > - int err; > + char buf[INET6_ADDRSTRLEN + 1]; > + const char *ip_addr = cl_init->ip_addr; > struct nfs_client *clp = nfs_alloc_client(cl_init); > + int err; > + > if (IS_ERR(clp)) > return clp; > > @@ -222,6 +225,44 @@ struct nfs_client *nfs4_alloc_client(const struct nfs_client_initdata *cl_init) > init_waitqueue_head(&clp->cl_lock_waitq); > #endif > INIT_LIST_HEAD(&clp->pending_cb_stateids); > + > + if (cl_init->minorversion != 0) > + __set_bit(NFS_CS_INFINITE_SLOTS, &clp->cl_flags); > + __set_bit(NFS_CS_DISCRTRY, &clp->cl_flags); > + __set_bit(NFS_CS_NO_RETRANS_TIMEOUT, &clp->cl_flags); > + > + /* > + * Set up the connection to the server before we add add to the > + * global list. > + */ > + err = nfs_create_rpc_client(clp, cl_init, RPC_AUTH_GSS_KRB5I); > + if (err == -EINVAL) > + err = nfs_create_rpc_client(clp, cl_init, RPC_AUTH_UNIX); > + if (err < 0) > + goto error; > + > + /* If no clientaddr= option was specified, find a usable cb address */ > + if (ip_addr == NULL) { > + struct sockaddr_storage cb_addr; > + struct sockaddr *sap = (struct sockaddr *)&cb_addr; > + > + err = rpc_localaddr(clp->cl_rpcclient, sap, sizeof(cb_addr)); > + if (err < 0) > + goto error; > + err = rpc_ntop(sap, buf, sizeof(buf)); > + if (err < 0) > + goto error; > + ip_addr = (const char *)buf; > + } > + strlcpy(clp->cl_ipaddr, ip_addr, sizeof(clp->cl_ipaddr)); > + > + err = nfs_idmap_new(clp); > + if (err < 0) { > + dprintk("%s: failed to create idmapper. Error = %d\n", > + __func__, err); > + goto error; > + } > + __set_bit(NFS_CS_IDMAP, &clp->cl_res_state); > return clp; > > error: > @@ -372,8 +413,6 @@ static int nfs4_init_client_minor_version(struct nfs_client *clp) > struct nfs_client *nfs4_init_client(struct nfs_client *clp, > const struct nfs_client_initdata *cl_init) > { > - char buf[INET6_ADDRSTRLEN + 1]; > - const char *ip_addr = cl_init->ip_addr; > struct nfs_client *old; > int error; > > @@ -381,43 +420,6 @@ struct nfs_client *nfs4_init_client(struct nfs_client *clp, > /* the client is initialised already */ > return clp; > > - /* Check NFS protocol revision and initialize RPC op vector */ > - clp->rpc_ops = &nfs_v4_clientops; > - > - if (clp->cl_minorversion != 0) > - __set_bit(NFS_CS_INFINITE_SLOTS, &clp->cl_flags); > - __set_bit(NFS_CS_DISCRTRY, &clp->cl_flags); > - __set_bit(NFS_CS_NO_RETRANS_TIMEOUT, &clp->cl_flags); > - > - error = nfs_create_rpc_client(clp, cl_init, RPC_AUTH_GSS_KRB5I); > - if (error == -EINVAL) > - error = nfs_create_rpc_client(clp, cl_init, RPC_AUTH_UNIX); > - if (error < 0) > - goto error; > - > - /* If no clientaddr= option was specified, find a usable cb address */ > - if (ip_addr == NULL) { > - struct sockaddr_storage cb_addr; > - struct sockaddr *sap = (struct sockaddr *)&cb_addr; > - > - error = rpc_localaddr(clp->cl_rpcclient, sap, sizeof(cb_addr)); > - if (error < 0) > - goto error; > - error = rpc_ntop(sap, buf, sizeof(buf)); > - if (error < 0) > - goto error; > - ip_addr = (const char *)buf; > - } > - strlcpy(clp->cl_ipaddr, ip_addr, sizeof(clp->cl_ipaddr)); > - > - error = nfs_idmap_new(clp); > - if (error < 0) { > - dprintk("%s: failed to create idmapper. Error = %d\n", > - __func__, error); > - goto error; > - } > - __set_bit(NFS_CS_IDMAP, &clp->cl_res_state); > - > error = nfs4_init_client_minor_version(clp); > if (error < 0) > goto error; >
diff --git a/fs/nfs/nfs4client.c b/fs/nfs/nfs4client.c index 13157bfd9414..8b354c15ae0d 100644 --- a/fs/nfs/nfs4client.c +++ b/fs/nfs/nfs4client.c @@ -197,8 +197,11 @@ void nfs40_shutdown_client(struct nfs_client *clp) struct nfs_client *nfs4_alloc_client(const struct nfs_client_initdata *cl_init) { - int err; + char buf[INET6_ADDRSTRLEN + 1]; + const char *ip_addr = cl_init->ip_addr; struct nfs_client *clp = nfs_alloc_client(cl_init); + int err; + if (IS_ERR(clp)) return clp; @@ -222,6 +225,44 @@ struct nfs_client *nfs4_alloc_client(const struct nfs_client_initdata *cl_init) init_waitqueue_head(&clp->cl_lock_waitq); #endif INIT_LIST_HEAD(&clp->pending_cb_stateids); + + if (cl_init->minorversion != 0) + __set_bit(NFS_CS_INFINITE_SLOTS, &clp->cl_flags); + __set_bit(NFS_CS_DISCRTRY, &clp->cl_flags); + __set_bit(NFS_CS_NO_RETRANS_TIMEOUT, &clp->cl_flags); + + /* + * Set up the connection to the server before we add add to the + * global list. + */ + err = nfs_create_rpc_client(clp, cl_init, RPC_AUTH_GSS_KRB5I); + if (err == -EINVAL) + err = nfs_create_rpc_client(clp, cl_init, RPC_AUTH_UNIX); + if (err < 0) + goto error; + + /* If no clientaddr= option was specified, find a usable cb address */ + if (ip_addr == NULL) { + struct sockaddr_storage cb_addr; + struct sockaddr *sap = (struct sockaddr *)&cb_addr; + + err = rpc_localaddr(clp->cl_rpcclient, sap, sizeof(cb_addr)); + if (err < 0) + goto error; + err = rpc_ntop(sap, buf, sizeof(buf)); + if (err < 0) + goto error; + ip_addr = (const char *)buf; + } + strlcpy(clp->cl_ipaddr, ip_addr, sizeof(clp->cl_ipaddr)); + + err = nfs_idmap_new(clp); + if (err < 0) { + dprintk("%s: failed to create idmapper. Error = %d\n", + __func__, err); + goto error; + } + __set_bit(NFS_CS_IDMAP, &clp->cl_res_state); return clp; error: @@ -372,8 +413,6 @@ static int nfs4_init_client_minor_version(struct nfs_client *clp) struct nfs_client *nfs4_init_client(struct nfs_client *clp, const struct nfs_client_initdata *cl_init) { - char buf[INET6_ADDRSTRLEN + 1]; - const char *ip_addr = cl_init->ip_addr; struct nfs_client *old; int error; @@ -381,43 +420,6 @@ struct nfs_client *nfs4_init_client(struct nfs_client *clp, /* the client is initialised already */ return clp; - /* Check NFS protocol revision and initialize RPC op vector */ - clp->rpc_ops = &nfs_v4_clientops; - - if (clp->cl_minorversion != 0) - __set_bit(NFS_CS_INFINITE_SLOTS, &clp->cl_flags); - __set_bit(NFS_CS_DISCRTRY, &clp->cl_flags); - __set_bit(NFS_CS_NO_RETRANS_TIMEOUT, &clp->cl_flags); - - error = nfs_create_rpc_client(clp, cl_init, RPC_AUTH_GSS_KRB5I); - if (error == -EINVAL) - error = nfs_create_rpc_client(clp, cl_init, RPC_AUTH_UNIX); - if (error < 0) - goto error; - - /* If no clientaddr= option was specified, find a usable cb address */ - if (ip_addr == NULL) { - struct sockaddr_storage cb_addr; - struct sockaddr *sap = (struct sockaddr *)&cb_addr; - - error = rpc_localaddr(clp->cl_rpcclient, sap, sizeof(cb_addr)); - if (error < 0) - goto error; - error = rpc_ntop(sap, buf, sizeof(buf)); - if (error < 0) - goto error; - ip_addr = (const char *)buf; - } - strlcpy(clp->cl_ipaddr, ip_addr, sizeof(clp->cl_ipaddr)); - - error = nfs_idmap_new(clp); - if (error < 0) { - dprintk("%s: failed to create idmapper. Error = %d\n", - __func__, error); - goto error; - } - __set_bit(NFS_CS_IDMAP, &clp->cl_res_state); - error = nfs4_init_client_minor_version(clp); if (error < 0) goto error;