knfsd, nlm and SHARE bug (?)

From: Dr Chris Richardson (foop@icr.ac.uk)
Date: Mon Jan 17 2000 - 12:03:50 EST

Next message: Dax Kelson: "Re: Xircom PCMCIA"
Previous message: D. Lance Robinson: "Re: Performance question"
Next in thread: Piete Brooks: "Re: knfsd, nlm and SHARE bug (?)"
Reply: Piete Brooks: "Re: knfsd, nlm and SHARE bug (?)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Summary: knfsd's nlm seems to mishandle nlm SHARE requests

Tangentially, I've been exporting directories via NFS to a Netware
server running Novell's NFS for Netware v2.4. This product has
several snafus that I won't go into, but it also illuminated a (?)
bug in knfsd. I've tried this in 2.3.39, and 2.2.13 with Trond's
patches and the SGI nlm4 patches, both on top of a vanilla Redhat 6.0
install. Both have the same errors.

Exporting a directory from SGI's Irix 6.5.4m by NFS to a Netware box
and deleting a file in that directory from a netware session, the
following happens:

novell -> irix NFS C LOOKUP2 FH=C497 text-doc.txt
irix -> novell NFS R LOOKUP2 OK FH=C495
novell -> irix NLM C SHARE3 OH=0500 FH=C495 Mode=0 Access=2
irix -> novell NLM R SHARE3 OH=0500 granted 0
novell -> irix NLM C UNSHARE3 OH=0600 FH=C495 Mode=0 Access=2
irix -> novell NLM R UNSHARE3 OH=0600 granted 0
novell -> irix NFS C REMOVE2 FH=C497 text-doc.txt
irix -> novell NFS R REMOVE2 OK

Try it with a directory exported from Linux and the following
happens:

novell -> linux NFS C LOOKUP2 FH=234C text-doc.txt
linux -> novell NFS R LOOKUP2 OK FH=6516
novell -> linux NLM C SHARE3 OH=9809 FH=6516 Mode=0 Access=2
linux -> novell NLM R SHARE3 OH=9809 denied (no locks) 0

Poking about in the knfsd code, I see that when the NLM SHARE request
comes in, we ultimately end up calling nfsd_permission() to check
read access on the file to be shared. However, this is checked with
a UID of nobody. SHARE denies the lock. Thus, unless all files on
the exported directory are world-readable, even a properly
authenticated owner on the Netware system can't do anything with them.

Having pointed out the problem, I don't know what to do about it as,
AIUI the NLM requests don't have associated UID information. This is
why the permission check is done as nobody: the RPC request
containing the SHARE has no associated UID. Fudging the permission
check allows all sorts of nasty access violations to occur.

Is this a real problem or am I just rather stupid? Apologies if it's
real but known - I did hunt around in linux-kernel archives but
couldn't see anything relevant.

foop

-- Dr Chris Richardson - sysadmin, Structural Biology Section, icr.ac.uk

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Dax Kelson: "Re: Xircom PCMCIA"
Previous message: D. Lance Robinson: "Re: Performance question"
Next in thread: Piete Brooks: "Re: knfsd, nlm and SHARE bug (?)"
Reply: Piete Brooks: "Re: knfsd, nlm and SHARE bug (?)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sun Jan 23 2000 - 21:00:16 EST