leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity
53da6a53e1
linux/fs/nfsd
History
J. Bruce Fields 53da6a53e1 nfsd4: catch some false session retries 
The spec allows us to return NFS4ERR_SEQ_FALSE_RETRY if we notice that
the client is making a call that matches a previous (slot, seqid) pair
but that *isn't* actually a replay, because some detail of the call
doesn't actually match the previous one.

Catching every such case is difficult, but we may as well catch a few
easy ones.  This also handles the case described in the previous patch,
in a different way.

The spec does however require us to catch the case where the difference
is in the rpc credentials.  This prevents somebody from snooping another
user's replies by fabricating retries.

(But the practical value of the attack is limited by the fact that the
replies with the most sensitive data are READ replies, which are not
normally cached.)

Tested-by: Olga Kornievskaia <aglo@umich.edu>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2017-11-07 16:43:57 -05:00
..
acl.h nfsd4: remove nfs4_acl_new 2014-07-08 17:14:27 -04:00
auth.c cred: simpler, 1D supplementary groups 2016-10-07 18:46:30 -07:00
auth.h nfsd: Remove nfsd_luid, nfsd_lgid, nfsd_ruid and nfsd_rgid 2013-02-13 06:15:51 -08:00
blocklayout.c block: Make most scsi_req_init() calls implicit 2017-06-20 19:27:14 -06:00
blocklayoutxdr.c Highlights: 2016-08-04 19:59:06 -04:00
blocklayoutxdr.h nfsd: add SCSI layout support 2016-03-18 11:42:53 -04:00
cache.h nfsd: Remove the cache_hash list 2014-08-17 12:00:12 -04:00
current_stateid.h nfsd4: properly type op_get_currentstateid callbacks 2017-05-15 17:42:27 +02:00
export.c nfsd: namespace-prefix uuid_parse 2017-06-05 16:56:38 +02:00
export.h nfsd: allow nfsd to advertise multiple layout types 2016-07-15 15:31:32 -04:00
fault_inject.c nfsd: use ARRAY_SIZE 2017-10-05 13:56:39 -04:00
flexfilelayout.c nfsd: don't set a FL_LAYOUT lease for flexfiles layouts 2016-09-16 16:15:52 -04:00
flexfilelayoutxdr.c nfsd: Add a super simple flex file server 2016-07-13 15:40:48 -04:00
flexfilelayoutxdr.h nfsd: Add a super simple flex file server 2016-07-13 15:40:48 -04:00
idmap.h nfsd: Remove duplicate define of IDMAP_NAMESZ/IDMAP_TYPE_xx 2015-07-20 14:58:46 -04:00
Kconfig block: make scsi_request and scsi ioctl support optional 2017-01-31 10:53:05 -07:00
lockd.c lockd: constify nlmsvc_binding structure 2016-01-07 10:10:50 -05:00
Makefile nfsd: Add a super simple flex file server 2016-07-13 15:40:48 -04:00
netns.h netns: make struct pernet_operations::id unsigned int 2016-11-18 10:59:15 -05:00
nfs2acl.c sunrpc: mark all struct svc_version instances as const 2017-05-15 17:42:31 +02:00
nfs3acl.c sunrpc: mark all struct svc_version instances as const 2017-05-15 17:42:31 +02:00
nfs3proc.c sunrpc: mark all struct svc_version instances as const 2017-05-15 17:42:31 +02:00
nfs3xdr.c nfsd4: factor ctime into change attribute 2017-07-12 15:55:00 -04:00
nfs4acl.c nfsd: check permissions when setting ACLs 2016-06-24 12:11:52 -04:00
nfs4callback.c nfsd: Fix a memory scribble in the callback channel 2017-07-17 13:15:06 -04:00
nfs4idmap.c nfsd/idmap: return nfserr_inval for 0-length names 2017-02-17 16:25:59 -05:00
nfs4layouts.c driver core patches for 4.11-rc1 2017-02-22 11:44:32 -08:00
nfs4proc.c nfsd: remove unnecessary nofilehandle checks 2017-10-04 16:25:00 -04:00
nfs4recover.c Various bugfixes, a RDMA update from Chuck Lever, and support for a new 2016-03-24 10:41:00 -07:00
nfs4state.c nfsd4: catch some false session retries 2017-11-07 16:43:57 -05:00
nfs4xdr.c nfsd: Incoming xdr_bufs may have content in tail buffer 2017-09-05 15:15:29 -04:00
nfscache.c lib/vsprintf.c: remove %Z support 2017-02-27 18:43:47 -08:00
nfsctl.c fs: constify tree_descr arrays passed to simple_fill_super() 2017-04-26 23:54:06 -04:00
nfsd.h sunrpc: mark all struct svc_version instances as const 2017-05-15 17:42:31 +02:00
nfsfh.c nfsd: check d_can_lookup in fh_verify of directories 2016-08-04 17:11:48 -04:00
nfsfh.h nfsd4: factor ctime into change attribute 2017-07-12 15:55:00 -04:00
nfsproc.c sunrpc: mark all struct svc_version instances as const 2017-05-15 17:42:31 +02:00
nfssvc.c nfsd: increase DRC cache limit 2017-10-04 16:25:01 -04:00
nfsxdr.c Linux 4.12-rc5 2017-06-28 13:34:15 -04:00
pnfs.h nfsd: don't set a FL_LAYOUT lease for flexfiles layouts 2016-09-16 16:15:52 -04:00
state.h nfsd4: catch some false session retries 2017-11-07 16:43:57 -05:00
stats.c drop redundant ->owner initializations 2016-05-29 19:08:00 -04:00
stats.h nfsd: move <linux/nfsd/stats.h> to fs/nfsd 2014-05-06 17:54:55 -04:00
trace.c nfsd: move include of state.h from trace.c to trace.h 2015-10-23 15:57:29 -04:00
trace.h nfsd: add new io class tracepoint 2016-01-14 17:32:51 -05:00
vfs.c annotate RWF_... flags 2017-08-31 17:32:38 -04:00
vfs.h statx: Add a system call to make enhanced file info available 2017-03-02 20:51:15 -05:00
xdr3.h sunrpc: properly type pc_encode callbacks 2017-05-15 17:42:25 +02:00
xdr4.h nfsd4: fix cached replies to solo SEQUENCE compounds 2017-11-07 16:43:57 -05:00
xdr4cb.h nfsd: plumb in a CB_NOTIFY_LOCK operation 2016-09-26 15:20:35 -04:00
xdr.h sunrpc: properly type pc_encode callbacks 2017-05-15 17:42:25 +02:00