From patchwork Fri Mar 5 00:43:23 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: NeilBrown X-Patchwork-Id: 12117187 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-13.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id AE610C433DB for ; Fri, 5 Mar 2021 00:44:36 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 7E38C64F6A for ; Fri, 5 Mar 2021 00:44:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231359AbhCEAof (ORCPT ); Thu, 4 Mar 2021 19:44:35 -0500 Received: from mx2.suse.de ([195.135.220.15]:39284 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230408AbhCEAof (ORCPT ); Thu, 4 Mar 2021 19:44:35 -0500 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.221.27]) by mx2.suse.de (Postfix) with ESMTP id 272E3AEC3; Fri, 5 Mar 2021 00:44:34 +0000 (UTC) From: NeilBrown To: Steve Dickson Date: Fri, 05 Mar 2021 11:43:23 +1100 Subject: [PATCH 1/7] mountd: reject unknown client IP when !use_ipaddr. Cc: Linux NFS Mailing list Message-ID: <161490500398.15291.17202034046729749702.stgit@noble> In-Reply-To: <161490464823.15291.13358214486203434566.stgit@noble> References: <161490464823.15291.13358214486203434566.stgit@noble> User-Agent: StGit/0.23 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org From: NeilBrown When use_ipaddr is not in effect, an auth_unix_ip lookup request from the kernel for an unknown client will be rejected. When it IS in effect, these requests are always granted with the IP address being mapped to a string form of the address, preceded by a '$'. This is inconsistent behaviour and could present a small information leak. It means that, for example, a SETCLIENT NFSv4 request may or may not succeed depending on an internal setting in rpc.mountd. This is easily rectified by always checking if the client is known. Signed-off-by: NeilBrown --- support/export/cache.c | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/support/export/cache.c b/support/export/cache.c index f1569afb558c..156ebfd4087c 100644 --- a/support/export/cache.c +++ b/support/export/cache.c @@ -114,6 +114,7 @@ static void auth_unix_ip(int f) char class[20]; char ipaddr[INET6_ADDRSTRLEN + 1]; char *client = NULL; + struct addrinfo *ai = NULL; struct addrinfo *tmp = NULL; char buf[RPC_CHAN_BUF_SIZE], *bp; int blen; @@ -139,21 +140,17 @@ static void auth_unix_ip(int f) auth_reload(); - /* addr is a valid, interesting address, find the domain name... */ - if (!use_ipaddr) { - struct addrinfo *ai = NULL; - - ai = client_resolve(tmp->ai_addr); - if (ai) { - client = client_compose(ai); - nfs_freeaddrinfo(ai); - } + /* addr is a valid address, find the domain name... */ + ai = client_resolve(tmp->ai_addr); + if (ai) { + client = client_compose(ai); + nfs_freeaddrinfo(ai); } bp = buf; blen = sizeof(buf); qword_add(&bp, &blen, "nfsd"); qword_add(&bp, &blen, ipaddr); qword_adduint(&bp, &blen, time(0) + DEFAULT_TTL); - if (use_ipaddr) { + if (use_ipaddr && client) { memmove(ipaddr + 1, ipaddr, strlen(ipaddr) + 1); ipaddr[0] = '$'; qword_add(&bp, &blen, ipaddr);