Mercurial > illumos > illumos-gate
comparison usr/src/uts/common/fs/nfs/nfs_server.c @ 13985:ad441dd34478
Back out hg changeset 829c00a55a37, bug 2986 -- introduces vulnerability
Reviewed by: Richard Lowe <richlowe@richlowe.net>
Reviewed by: Christopher Siden <christopher.siden@delphix.com>
Approved by: Dan McDonald <danmcd@nexenta.com>
author | Marcel Telka <marcel.telka@nexenta.com> |
---|---|
date | Thu, 14 Mar 2013 17:58:04 -0400 |
parents | 829c00a55a37 |
children | bcbb822da4dd |
comparison
equal
deleted
inserted
replaced
13984:dc0c7baefe32 | 13985:ad441dd34478 |
---|---|
19 * CDDL HEADER END | 19 * CDDL HEADER END |
20 */ | 20 */ |
21 /* | 21 /* |
22 * Copyright (c) 1990, 2010, Oracle and/or its affiliates. All rights reserved. | 22 * Copyright (c) 1990, 2010, Oracle and/or its affiliates. All rights reserved. |
23 * Copyright (c) 2011 Bayard G. Bell. All rights reserved. | 23 * Copyright (c) 2011 Bayard G. Bell. All rights reserved. |
24 * Copyright 2012 Nexenta Systems, Inc. All rights reserved. | |
25 */ | 24 */ |
26 | 25 |
27 /* | 26 /* |
28 * Copyright (c) 1983,1984,1985,1986,1987,1988,1989 AT&T. | 27 * Copyright (c) 1983,1984,1985,1986,1987,1988,1989 AT&T. |
29 * All rights reserved. | 28 * All rights reserved. |
2799 * for odd case where a directory is provided as index | 2798 * for odd case where a directory is provided as index |
2800 * option argument and leads us to another filesystem | 2799 * option argument and leads us to another filesystem |
2801 */ | 2800 */ |
2802 | 2801 |
2803 /* Release the reference on the old exi value */ | 2802 /* Release the reference on the old exi value */ |
2803 ASSERT(*exi != NULL); | |
2804 exi_rele(*exi); | 2804 exi_rele(*exi); |
2805 *exi = NULL; | |
2806 | 2805 |
2807 if (error = nfs_check_vpexi(mc_dvp, *vpp, kcred, exi)) { | 2806 if (error = nfs_check_vpexi(mc_dvp, *vpp, kcred, exi)) { |
2808 VN_RELE(*vpp); | 2807 VN_RELE(*vpp); |
2809 goto publicfh_done; | 2808 goto publicfh_done; |
2810 } | 2809 } |
2812 } | 2811 } |
2813 | 2812 |
2814 publicfh_done: | 2813 publicfh_done: |
2815 if (mc_dvp) | 2814 if (mc_dvp) |
2816 VN_RELE(mc_dvp); | 2815 VN_RELE(mc_dvp); |
2817 | |
2818 if (error && *exi != NULL) | |
2819 exi_rele(*exi); | |
2820 | 2816 |
2821 return (error); | 2817 return (error); |
2822 } | 2818 } |
2823 | 2819 |
2824 /* | 2820 /* |
2961 | 2957 |
2962 | 2958 |
2963 /* | 2959 /* |
2964 * Get the export information for the lookup vnode, and verify its | 2960 * Get the export information for the lookup vnode, and verify its |
2965 * useable. | 2961 * useable. |
2966 * | |
2967 * Set @exip only in success | |
2968 */ | 2962 */ |
2969 int | 2963 int |
2970 nfs_check_vpexi(vnode_t *mc_dvp, vnode_t *vp, cred_t *cr, | 2964 nfs_check_vpexi(vnode_t *mc_dvp, vnode_t *vp, cred_t *cr, |
2971 struct exportinfo **exip) | 2965 struct exportinfo **exi) |
2972 { | 2966 { |
2973 int walk; | 2967 int walk; |
2974 int error = 0; | 2968 int error = 0; |
2975 struct exportinfo *exi; | 2969 |
2976 | 2970 *exi = nfs_vptoexi(mc_dvp, vp, cr, &walk, NULL, FALSE); |
2977 exi = nfs_vptoexi(mc_dvp, vp, cr, &walk, NULL, FALSE); | 2971 if (*exi == NULL) |
2978 if (exi == NULL) | |
2979 error = EACCES; | 2972 error = EACCES; |
2980 else { | 2973 else { |
2981 /* | 2974 /* |
2982 * If nosub is set for this export then | 2975 * If nosub is set for this export then |
2983 * a lookup relative to the public fh | 2976 * a lookup relative to the public fh |
2984 * must not terminate below the | 2977 * must not terminate below the |
2985 * exported directory. | 2978 * exported directory. |
2986 */ | 2979 */ |
2987 if (exi->exi_export.ex_flags & EX_NOSUB && walk > 0) { | 2980 if ((*exi)->exi_export.ex_flags & EX_NOSUB && walk > 0) |
2988 error = EACCES; | 2981 error = EACCES; |
2989 exi_rele(exi); | 2982 } |
2990 } | 2983 |
2991 } | |
2992 if (error == 0) | |
2993 *exip = exi; | |
2994 return (error); | 2984 return (error); |
2995 } | 2985 } |
2996 | 2986 |
2997 /* | 2987 /* |
2998 * Do the main work of handling HA-NFSv4 Resource Group failover on | 2988 * Do the main work of handling HA-NFSv4 Resource Group failover on |