From patchwork Mon Mar 11 01:41:16 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: NeilBrown X-Patchwork-Id: 13588223 Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.223.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 10884A3F for ; Mon, 11 Mar 2024 01:43:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=195.135.223.130 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710121427; cv=none; b=fbdRUTq3KI2iFaHbciQpYic3yAgMMkL9K9G9Iisr3ANaI7SUDdaUTVR3ZdzJsCsFyTo8zF0p+o1p684NluBzXcyyTMQyVW8iMA5Hi1wIWvZtKDYT2bNiHq+zNDnEvBWC031u/imO3S78sc1vYz+FVAJlFACe5qf7oH/C+IyCNvQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710121427; c=relaxed/simple; bh=04++OgeyTQjhMJGzegf+TQQhsXtvH6nUjPpiEvlKpEQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Rz6i1yIhGs/zwY+nY5lTNrTrS38bvCC+mnqkut+d+G/bvIG9zRSgbEKMyO4TgwVgXsC+DyJEQ6QWnu5kUnol6znlv06D7LwgatwUUfQtIdbzwtuEhFhW6wi55xXLspHBN0hDdhEszFc73GPrM0Rq76h5espNKQ4O0QXblQNAGhQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=suse.de; spf=pass smtp.mailfrom=suse.de; dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de header.b=I3Q62an8; dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de header.b=IEHdNWs5; dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de header.b=I3Q62an8; dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de header.b=IEHdNWs5; arc=none smtp.client-ip=195.135.223.130 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=suse.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de header.b="I3Q62an8"; dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de header.b="IEHdNWs5"; dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de header.b="I3Q62an8"; dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de header.b="IEHdNWs5" Received: from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org [10.150.64.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 4BD8B346B3; Mon, 11 Mar 2024 01:43:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1710121423; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=0sf0asoQDvM+uH1hr7+yzvNtjLodpQrx8XWUyqGyovY=; b=I3Q62an8rTYdBaeJq4c1cy66IEZlTPDri/Hcs7niLHVjoCj3t6lMmZ0cjhyANmaGWrC0MG bbVsznzvKNptQNliz1SpDiCn/pmqTPnSwV14yVbai21U2WrwE2v4l+o8Gm8gQT3iQG442Q 1XijIifKq2WfSzaUXxpt6mynLjeHuLw= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1710121423; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=0sf0asoQDvM+uH1hr7+yzvNtjLodpQrx8XWUyqGyovY=; b=IEHdNWs5vBxCeKyZVZZ9mgF9D7RlE6e3awxGINgciOrlP0hIK46AhKjGWB8LwuGU7OHEJ3 pcArWCcvQF1uxbAQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1710121423; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=0sf0asoQDvM+uH1hr7+yzvNtjLodpQrx8XWUyqGyovY=; b=I3Q62an8rTYdBaeJq4c1cy66IEZlTPDri/Hcs7niLHVjoCj3t6lMmZ0cjhyANmaGWrC0MG bbVsznzvKNptQNliz1SpDiCn/pmqTPnSwV14yVbai21U2WrwE2v4l+o8Gm8gQT3iQG442Q 1XijIifKq2WfSzaUXxpt6mynLjeHuLw= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1710121423; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=0sf0asoQDvM+uH1hr7+yzvNtjLodpQrx8XWUyqGyovY=; b=IEHdNWs5vBxCeKyZVZZ9mgF9D7RlE6e3awxGINgciOrlP0hIK46AhKjGWB8LwuGU7OHEJ3 pcArWCcvQF1uxbAQ== Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id 2B711134AB; Mon, 11 Mar 2024 01:43:41 +0000 (UTC) Received: from dovecot-director2.suse.de ([10.150.64.162]) by imap1.dmz-prg2.suse.org with ESMTPSA id JqMuMM1h7mXxfgAAD6G6ig (envelope-from ); Mon, 11 Mar 2024 01:43:41 +0000 From: NeilBrown To: Steve Dickson Cc: linux-nfs@vger.kernel.org Subject: [PATCH 1/3] Allow working with abstract AF_UNIX addresses. Date: Mon, 11 Mar 2024 12:41:16 +1100 Message-ID: <20240311014327.19692-2-neilb@suse.de> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240311014327.19692-1-neilb@suse.de> References: <20240311014327.19692-1-neilb@suse.de> Precedence: bulk X-Mailing-List: linux-nfs@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Level: **** Authentication-Results: smtp-out1.suse.de; none X-Spamd-Result: default: False [4.90 / 50.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_MISSING_CHARSET(2.50)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; BROKEN_CONTENT_TYPE(1.50)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_SIGNED(0.00)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; RCPT_COUNT_TWO(0.00)[2]; MID_CONTAINS_FROM(1.00)[]; DBL_BLOCKED_OPENRESOLVER(0.00)[suse.de:email]; FUZZY_BLOCKED(0.00)[rspamd.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_ALL(0.00)[] X-Spam-Score: 4.90 X-Spam-Flag: NO Linux supports abstract addresses for AF_UNIX. These have .sun_path starting with '\0'. When presented in human-readable form they have a leading '@' instead. The length of the sockaddr must not include any trailing zeroes after the abstract name, as they will treated as part of the name and cause address matching to fail. This patch makes various changes to code that works with sun_path to ensure that abstract addresses work correctly. In particular it fixes a bug in __rpc_sockisbound() which incorrectly determines that a socket bound to an abstract address is in fact not bound. This prevents sockets with abstract addresses being used even when created outside of the library. Signed-off-by: NeilBrown --- src/rpc_com.h | 6 ++++++ src/rpc_generic.c | 18 ++++++++++++------ src/rpc_soc.c | 6 +++++- 3 files changed, 23 insertions(+), 7 deletions(-) diff --git a/src/rpc_com.h b/src/rpc_com.h index 76badefcfe90..ded72d1a647e 100644 --- a/src/rpc_com.h +++ b/src/rpc_com.h @@ -60,6 +60,12 @@ bool_t __xdrrec_getrec(XDR *, enum xprt_stat *, bool_t); void __xprt_unregister_unlocked(SVCXPRT *); void __xprt_set_raddr(SVCXPRT *, const struct sockaddr_storage *); +/* Evaluate to actual length of the `sockaddr_un' structure, whether + * abstract or not. + */ +#include +#define SUN_LEN_A(ptr) (offsetof(struct sockaddr_un, sun_path) \ + + 1 + strlen((ptr)->sun_path + 1)) extern int __svc_maxrec; diff --git a/src/rpc_generic.c b/src/rpc_generic.c index aabbe4be896c..ee44c8d6eac4 100644 --- a/src/rpc_generic.c +++ b/src/rpc_generic.c @@ -650,7 +650,8 @@ __rpc_taddr2uaddr_af(int af, const struct netbuf *nbuf) if (path_len < 0) return NULL; - if (asprintf(&ret, "%.*s", path_len, sun->sun_path) < 0) + if (asprintf(&ret, "%c%.*s", sun->sun_path[0] ?: '@', + path_len - 1, sun->sun_path + 1) < 0) return (NULL); break; default: @@ -682,9 +683,10 @@ __rpc_uaddr2taddr_af(int af, const char *uaddr) /* * AF_LOCAL addresses are expected to be absolute - * pathnames, anything else will be AF_INET or AF_INET6. + * pathnames or abstract names, anything else will be + * AF_INET or AF_INET6. */ - if (*addrstr != '/') { + if (*addrstr != '/' && *addrstr != '@') { p = strrchr(addrstr, '.'); if (p == NULL) goto out; @@ -747,6 +749,9 @@ __rpc_uaddr2taddr_af(int af, const char *uaddr) strncpy(sun->sun_path, addrstr, sizeof(sun->sun_path) - 1); ret->len = SUN_LEN(sun); ret->maxlen = sizeof(struct sockaddr_un); + if (sun->sun_path[0] == '@') + /* Abstract address */ + sun->sun_path[0] = '\0'; ret->buf = sun; break; default: @@ -834,6 +839,7 @@ __rpc_sockisbound(int fd) struct sockaddr_un usin; } u_addr; socklen_t slen; + int path_len; slen = sizeof (struct sockaddr_storage); if (getsockname(fd, (struct sockaddr *)(void *)&ss, &slen) < 0) @@ -849,9 +855,9 @@ __rpc_sockisbound(int fd) return (u_addr.sin6.sin6_port != 0); #endif case AF_LOCAL: - /* XXX check this */ - memcpy(&u_addr.usin, &ss, sizeof(u_addr.usin)); - return (u_addr.usin.sun_path[0] != 0); + memcpy(&u_addr.usin, &ss, sizeof(u_addr.usin)); + path_len = slen - offsetof(struct sockaddr_un, sun_path); + return path_len > 0; default: break; } diff --git a/src/rpc_soc.c b/src/rpc_soc.c index fde121db75cf..c6c93b50337d 100644 --- a/src/rpc_soc.c +++ b/src/rpc_soc.c @@ -701,7 +701,11 @@ svcunix_create(sock, sendsize, recvsize, path) memset(&sun, 0, sizeof sun); sun.sun_family = AF_LOCAL; strncpy(sun.sun_path, path, (sizeof(sun.sun_path)-1)); - addrlen = sizeof(struct sockaddr_un); + if (sun.sun_path[0] == '@') + /* abstract address */ + sun.sun_path[0] = '\0'; + + addrlen = SUN_LEN_A(&sun); sa = (struct sockaddr *)&sun; if (bind(sock, sa, addrlen) < 0) From patchwork Mon Mar 11 01:41:17 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: NeilBrown X-Patchwork-Id: 13588224 Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.223.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 574C5EBE for ; Mon, 11 Mar 2024 01:43:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=195.135.223.130 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710121432; cv=none; b=ABMZbF43km40NZn2X/4NPF36KxWX0n1Pz57BWZzv8ejlc9HoQCX0kV3HBymhbyweP13FYETaPmjzpsYEuAo83e7OH9pd14ZKhO1uTDRPC5FqzdQ5XcE3wEtABTIL8PFnucEEubToeYw7bCFqmsNwSv9IDSIvMuz3FJfRzzQON44= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710121432; c=relaxed/simple; bh=zMYVPkJ6fKe23n3DnO9szLDPCDjQYXFFwXcfjXrKu0c=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=jyHbHrCREIjdMkbytxSpJmqSqC+D7fpYdlPGUbGttq+MvL9aPabudpXYa7ZVNPoG2AtOkfF+0QOKvoXw8FT4/ORkwGp0EEHtKtulQTv70+i2HJ+2NHavcU5AhQ3AoFywBz/3QA3C47MIoFvfi/qyitBoY+XMzLv5HKRvD4uWO7I= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=suse.de; spf=pass smtp.mailfrom=suse.de; dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de header.b=KpidfEZt; dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de header.b=MB5r/lUm; dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de header.b=KpidfEZt; dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de header.b=MB5r/lUm; arc=none smtp.client-ip=195.135.223.130 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=suse.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de header.b="KpidfEZt"; dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de header.b="MB5r/lUm"; dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de header.b="KpidfEZt"; dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de header.b="MB5r/lUm" Received: from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org [IPv6:2a07:de40:b281:104:10:150:64:97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 96FB3346B3; Mon, 11 Mar 2024 01:43:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1710121428; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=lk5231PrOoELxfmUgA7KpAl8ElTh4tkKIFDGD0inmHI=; b=KpidfEZt4NWRjvjoXR/ntyYf5rssMjtEdKvfB1qQvF73el9kLRU9jR+xM+1HkUwiNaI2zB 8Q2F+8rmDecrq09nfsNtgggHHlInrKpnZ6JYy97r0lvO6p+up0NGFz9IHtnTYHb82HKSFk WcmGM+4v6wlm6qumRsshL1n8DVxAsac= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1710121428; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=lk5231PrOoELxfmUgA7KpAl8ElTh4tkKIFDGD0inmHI=; b=MB5r/lUmmwe4bWangNGSSP/emmoNR7+njDzRF2nNuZJgW8UuSSaKIznzHo829if2ej/Usq 1i5nsdfIPgRLoSAg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1710121428; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=lk5231PrOoELxfmUgA7KpAl8ElTh4tkKIFDGD0inmHI=; b=KpidfEZt4NWRjvjoXR/ntyYf5rssMjtEdKvfB1qQvF73el9kLRU9jR+xM+1HkUwiNaI2zB 8Q2F+8rmDecrq09nfsNtgggHHlInrKpnZ6JYy97r0lvO6p+up0NGFz9IHtnTYHb82HKSFk WcmGM+4v6wlm6qumRsshL1n8DVxAsac= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1710121428; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=lk5231PrOoELxfmUgA7KpAl8ElTh4tkKIFDGD0inmHI=; b=MB5r/lUmmwe4bWangNGSSP/emmoNR7+njDzRF2nNuZJgW8UuSSaKIznzHo829if2ej/Usq 1i5nsdfIPgRLoSAg== Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id 782E9134AB; Mon, 11 Mar 2024 01:43:47 +0000 (UTC) Received: from dovecot-director2.suse.de ([10.150.64.162]) by imap1.dmz-prg2.suse.org with ESMTPSA id jhNnB9Nh7mX2fgAAD6G6ig (envelope-from ); Mon, 11 Mar 2024 01:43:47 +0000 From: NeilBrown To: Steve Dickson Cc: linux-nfs@vger.kernel.org Subject: [PATCH 2/3] Change local_rpcb() to take a targaddr pointer. Date: Mon, 11 Mar 2024 12:41:17 +1100 Message-ID: <20240311014327.19692-3-neilb@suse.de> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240311014327.19692-1-neilb@suse.de> References: <20240311014327.19692-1-neilb@suse.de> Precedence: bulk X-Mailing-List: linux-nfs@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spamd-Bar: ++++ Authentication-Results: smtp-out1.suse.de; dkim=pass header.d=suse.de header.s=susede2_rsa header.b=KpidfEZt; dkim=pass header.d=suse.de header.s=susede2_ed25519 header.b="MB5r/lUm" X-Spamd-Result: default: False [4.69 / 50.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; SPAMHAUS_XBL(0.00)[2a07:de40:b281:104:10:150:64:97:from]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_MISSING_CHARSET(2.50)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; BROKEN_CONTENT_TYPE(1.50)[]; DWL_DNSWL_BLOCKED(0.00)[suse.de:dkim]; RCVD_COUNT_THREE(0.00)[3]; DKIM_SIGNED(0.00)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; DKIM_TRACE(0.00)[suse.de:+]; RCPT_COUNT_TWO(0.00)[2]; MID_CONTAINS_FROM(1.00)[]; MX_GOOD(-0.01)[]; DBL_BLOCKED_OPENRESOLVER(0.00)[suse.de:email,suse.de:dkim]; FUZZY_BLOCKED(0.00)[rspamd.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-0.00)[38.48%]; RBL_SPAMHAUS_BLOCKED_OPENRESOLVER(0.00)[2a07:de40:b281:104:10:150:64:97:from] X-Spam-Score: 4.69 X-Spam-Level: **** X-Rspamd-Queue-Id: 96FB3346B3 X-Spam-Flag: NO X-Rspamd-Server: rspamd1.dmz-prg2.suse.org One caller of local_rpcb() wants the target-addr, and local_rcpb() has easy access to it. So accept a pointer and fill it in if not NULL. This will simplify a future patch in which local_rpcb() makes a choice between different possible socket paths. Signed-off-by: NeilBrown --- src/rpcb_clnt.c | 28 +++++++++++++--------------- 1 file changed, 13 insertions(+), 15 deletions(-) diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c index 68fe69a320ff..2ed6ee65f8d6 100644 --- a/src/rpcb_clnt.c +++ b/src/rpcb_clnt.c @@ -89,7 +89,7 @@ static struct address_cache *copy_of_cached(const char *, char *); static void delete_cache(struct netbuf *); static void add_cache(const char *, const char *, struct netbuf *, char *); static CLIENT *getclnthandle(const char *, const struct netconfig *, char **); -static CLIENT *local_rpcb(void); +static CLIENT *local_rpcb(char **targaddr); #ifdef NOTUSED static struct netbuf *got_entry(rpcb_entry_list_ptr, const struct netconfig *); #endif @@ -430,19 +430,12 @@ getclnthandle(host, nconf, targaddr) nconf->nc_netid, si.si_af, si.si_proto, si.si_socktype)); if (nconf->nc_protofmly != NULL && strcmp(nconf->nc_protofmly, NC_LOOPBACK) == 0) { - client = local_rpcb(); + client = local_rpcb(targaddr); if (! client) { LIBTIRPC_DEBUG(1, ("getclnthandle: %s", clnt_spcreateerror("local_rpcb failed"))); goto out_err; } else { - struct sockaddr_un sun; - - if (targaddr) { - *targaddr = malloc(sizeof(sun.sun_path)); - strncpy(*targaddr, _PATH_RPCBINDSOCK, - sizeof(sun.sun_path)); - } return (client); } } else { @@ -492,6 +485,8 @@ getclnthandle(host, nconf, targaddr) if (res) freeaddrinfo(res); out_err: + if (client && targaddr &&!*targaddr) + fprintf(stderr, "No targaddr provided\n"); if (!client && targaddr) free(*targaddr); return (client); @@ -541,7 +536,8 @@ getpmaphandle(nconf, hostname, tgtaddr) * rpcbind. Returns NULL on error and free's everything. */ static CLIENT * -local_rpcb() +local_rpcb(targaddr) + char **targaddr; { CLIENT *client; static struct netconfig *loopnconf; @@ -574,6 +570,8 @@ local_rpcb() if (client != NULL) { /* Mark the socket to be closed in destructor */ (void) CLNT_CONTROL(client, CLSET_FD_CLOSE, NULL); + if (targaddr) + *targaddr = strdup(sun.sun_path); return client; } @@ -632,7 +630,7 @@ try_nconf: endnetconfig(nc_handle); } mutex_unlock(&loopnconf_lock); - client = getclnthandle(hostname, loopnconf, NULL); + client = getclnthandle(hostname, loopnconf, targaddr); return (client); } @@ -661,7 +659,7 @@ rpcb_set(program, version, nconf, address) rpc_createerr.cf_stat = RPC_UNKNOWNADDR; return (FALSE); } - client = local_rpcb(); + client = local_rpcb(NULL); if (! client) { return (FALSE); } @@ -712,7 +710,7 @@ rpcb_unset(program, version, nconf) RPCB parms; char uidbuf[32]; - client = local_rpcb(); + client = local_rpcb(NULL); if (! client) { return (FALSE); } @@ -1342,7 +1340,7 @@ rpcb_taddr2uaddr(nconf, taddr) rpc_createerr.cf_stat = RPC_UNKNOWNADDR; return (NULL); } - client = local_rpcb(); + client = local_rpcb(NULL); if (! client) { return (NULL); } @@ -1376,7 +1374,7 @@ rpcb_uaddr2taddr(nconf, uaddr) rpc_createerr.cf_stat = RPC_UNKNOWNADDR; return (NULL); } - client = local_rpcb(); + client = local_rpcb(NULL); if (! client) { return (NULL); } From patchwork Mon Mar 11 01:41:18 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: NeilBrown X-Patchwork-Id: 13588225 Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.223.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C77AD10E9 for ; Mon, 11 Mar 2024 01:43:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=195.135.223.131 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710121437; cv=none; b=ukURlOHYf6k1lytvMXHBPnSaIY+m2depO/GcvM4lesTfLQGkFKk8U5bK1nFGJXIyg/7QEEwEXA5h6ANiBbqBdja0YwxnGZZbtXermNCffW86Ox+M9+D2Lkq8pNJOwUar54B5JdZfiUozd3pWSraUlX2mvpUOsayNKFrSJyd08jQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710121437; c=relaxed/simple; bh=0KIon+veWRKvkd+IRRdLL4kkrGjZVSvtIRXjksxdNdI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=iQyusoCsyTaAMBrYI84jLmrNK63Pbhz8WRmhHx49Kj0W+8Q1arvsag8ifMgrw7kl1YJYIFwlbDuM7W5KnfiK2RbwlOtfj72mppMjuZc4sqXcYSqDLwXipia4yETybLnW0zWswjQRWiyoJb6LVdcyReUd0azmbM0iB7dr4n0i8CA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=suse.de; spf=pass smtp.mailfrom=suse.de; dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de header.b=zWytLS2n; dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de header.b=nG0IFx6C; dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de header.b=UqnTloaJ; dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de header.b=sk4vjawy; arc=none smtp.client-ip=195.135.223.131 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=suse.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de header.b="zWytLS2n"; dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de header.b="nG0IFx6C"; dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de header.b="UqnTloaJ"; dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de header.b="sk4vjawy" Received: from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org [10.150.64.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id F03B75C04E; Mon, 11 Mar 2024 01:43:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1710121434; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Vf9NiwZ5jWIpnjSyWuhrJRDKjG1GG4UfHlAcd9pdBuw=; b=zWytLS2nbbmGdJbX/Ri2wWepFxEASasroOlqactan7CrlfnHADXBacb0UJRrhfgcUpxlgY 5boEiya8j81gqOM9t22J4AfsJ17SbXjHmEqnU2zet2jOY/oceidj7ADKURATCO5sYzs6y6 yQN+9CzZZxtFNoIIbSKpuEVMev/IsN4= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1710121434; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Vf9NiwZ5jWIpnjSyWuhrJRDKjG1GG4UfHlAcd9pdBuw=; b=nG0IFx6C9qhwBshMJGHG44Wy3q9Tyr0KXk3+/nX2zSgLZsTzfVW+jTIFXlA0/syUXNIkhr 370LxppxUxt74+Dw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1710121433; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Vf9NiwZ5jWIpnjSyWuhrJRDKjG1GG4UfHlAcd9pdBuw=; b=UqnTloaJUU53V5CcKMEkF5NdxWr0E0Ph1dX+Og9BgtHhxqEcKheoVAyvl1Sz2E9FpQwWhW HHAihJg51JqjWjTOlA1CJ7p3aZ7dU6tvj4soADo96E2egWDmAVqSRDH+xTbDgXH8GjDJWj ol5fEJ3lQjALhSmUjKhm/ap2rcNnhT8= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1710121433; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Vf9NiwZ5jWIpnjSyWuhrJRDKjG1GG4UfHlAcd9pdBuw=; b=sk4vjawycMX69T/KsEez93rnIT97K2ce4leyFGDBtS5wYabIyFfi3sAx7u5M7OwzwjodRS 7gqPmEOULx+lPGCw== Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id CFA86134AB; Mon, 11 Mar 2024 01:43:52 +0000 (UTC) Received: from dovecot-director2.suse.de ([10.150.64.162]) by imap1.dmz-prg2.suse.org with ESMTPSA id 5bu2HNhh7mX/fgAAD6G6ig (envelope-from ); Mon, 11 Mar 2024 01:43:52 +0000 From: NeilBrown To: Steve Dickson Cc: linux-nfs@vger.kernel.org Subject: [PATCH 3/3] Try using a new abstract address when connecting to rpcbind Date: Mon, 11 Mar 2024 12:41:18 +1100 Message-ID: <20240311014327.19692-4-neilb@suse.de> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240311014327.19692-1-neilb@suse.de> References: <20240311014327.19692-1-neilb@suse.de> Precedence: bulk X-Mailing-List: linux-nfs@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Authentication-Results: smtp-out2.suse.de; none X-Spam-Level: X-Spam-Score: 0.70 X-Spamd-Result: default: False [0.70 / 50.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_MISSING_CHARSET(2.50)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; BROKEN_CONTENT_TYPE(1.50)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; RCVD_COUNT_THREE(0.00)[3]; DKIM_SIGNED(0.00)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; NEURAL_HAM_SHORT(-0.20)[-1.000]; RCPT_COUNT_TWO(0.00)[2]; MID_CONTAINS_FROM(1.00)[]; DBL_BLOCKED_OPENRESOLVER(0.00)[suse.de:email]; FUZZY_BLOCKED(0.00)[rspamd.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-3.00)[100.00%] X-Spam-Flag: NO As RPC services are network services, it can make sense to localise them in a network namespace on Linux. Unfortunately the use of a path name - /var/run/rpcbind.sock - to contact rpcbind makes that difficult and requires a mount namespace to be created as well. Linux supports abstract addresses for AF_UNIX sockets. These start with a nul byte and (by convention) no other nul bytes with the length specified by the addrlen. Abstract addresses are matched by byte comparison without reference to the filesystem, and are local to the network namespace in which are used. Using an abstract address for contacting rpcbind removes the need for a mount namespace. Back comparability is assured by attempting to connect to the existing well known address (/var/run/rpcbind.sock) if the abstract address cannot be reached. Choosing the name needs some care as the same address will be configured for rpcbind, and needs to be built in to libtirpc for this enhancement to be fully successful. There is no formal standard for choosing abstract addresses. The defacto standard appears to be to use a path name similar to what would be used for a filesystem AF_UNIX address - but with a leading nul. In that case "\0/var/run/rpcbind.sock" seems like the best choice. However at this time /var/run is deprecated in favour of /run, so "\0/run/rpcbind.sock" might be better. Though as we are deliberately moving away from using the filesystem it might seem more sensible to explicitly break the connection and just have "\0rpcbind.socket" using the same name as the systemd unit file.. The linux kernel already attempts to connect to the second option, "\0/run/rpcbind.sock" since Linux v6.5 so this patch chooses that option. Signed-off-by: NeilBrown --- src/rpcb_clnt.c | 79 +++++++++++++++++++++++++++---------------- tirpc/rpc/rpcb_prot.h | 1 + tirpc/rpc/rpcb_prot.x | 1 + 3 files changed, 52 insertions(+), 29 deletions(-) diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c index 2ed6ee65f8d6..6e7c3a0d008f 100644 --- a/src/rpcb_clnt.c +++ b/src/rpcb_clnt.c @@ -547,37 +547,51 @@ local_rpcb(targaddr) size_t tsize; struct netbuf nbuf; struct sockaddr_un sun; + int i; /* * Try connecting to the local rpcbind through a local socket - * first. If this doesn't work, try all transports defined in - * the netconfig file. + * first - trying both addresses. If this doesn't work, try all + * non-local transports defined in the netconfig file. */ - memset(&sun, 0, sizeof sun); - sock = socket(AF_LOCAL, SOCK_STREAM, 0); - if (sock < 0) - goto try_nconf; - sun.sun_family = AF_LOCAL; - strcpy(sun.sun_path, _PATH_RPCBINDSOCK); - nbuf.len = SUN_LEN(&sun); - nbuf.maxlen = sizeof (struct sockaddr_un); - nbuf.buf = &sun; - - tsize = __rpc_get_t_size(AF_LOCAL, 0, 0); - client = clnt_vc_create(sock, &nbuf, (rpcprog_t)RPCBPROG, - (rpcvers_t)RPCBVERS, tsize, tsize); + for (i = 0; i < 2; i++) { + memset(&sun, 0, sizeof sun); + sock = socket(AF_LOCAL, SOCK_STREAM, 0); + if (sock < 0) + goto try_nconf; + sun.sun_family = AF_LOCAL; + switch (i) { + case 0: + memcpy(sun.sun_path, _PATH_RPCBINDSOCK_ABSTRACT, + sizeof(_PATH_RPCBINDSOCK_ABSTRACT)); + break; + case 1: + strcpy(sun.sun_path, _PATH_RPCBINDSOCK); + break; + } + nbuf.len = SUN_LEN_A(&sun); + nbuf.maxlen = sizeof (struct sockaddr_un); + nbuf.buf = &sun; + + tsize = __rpc_get_t_size(AF_LOCAL, 0, 0); + client = clnt_vc_create(sock, &nbuf, (rpcprog_t)RPCBPROG, + (rpcvers_t)RPCBVERS, tsize, tsize); + + if (client != NULL) { + /* Mark the socket to be closed in destructor */ + (void) CLNT_CONTROL(client, CLSET_FD_CLOSE, NULL); + if (targaddr) { + if (sun.sun_path[0] == 0) + sun.sun_path[0] = '@'; + *targaddr = strdup(sun.sun_path); + } + return client; + } - if (client != NULL) { - /* Mark the socket to be closed in destructor */ - (void) CLNT_CONTROL(client, CLSET_FD_CLOSE, NULL); - if (targaddr) - *targaddr = strdup(sun.sun_path); - return client; + /* Nobody needs this socket anymore; free the descriptor. */ + close(sock); } - /* Nobody needs this socket anymore; free the descriptor. */ - close(sock); - try_nconf: /* VARIABLES PROTECTED BY loopnconf_lock: loopnconf */ @@ -766,7 +780,7 @@ got_entry(relp, nconf) /* * Quick check to see if rpcbind is up. Tries to connect over - * local transport. + * local transport - first abstract, then regular. */ bool_t __rpcbind_is_up() @@ -793,15 +807,22 @@ __rpcbind_is_up() if (sock < 0) return (FALSE); sun.sun_family = AF_LOCAL; - strncpy(sun.sun_path, _PATH_RPCBINDSOCK, sizeof(sun.sun_path)); - if (connect(sock, (struct sockaddr *)&sun, sizeof(sun)) < 0) { + memcpy(sun.sun_path, _PATH_RPCBINDSOCK_ABSTRACT, + sizeof(_PATH_RPCBINDSOCK_ABSTRACT)); + if (connect(sock, (struct sockaddr *)&sun, SUN_LEN_A(&sun)) == 0) { close(sock); - return (FALSE); + return (TRUE); + } + + strncpy(sun.sun_path, _PATH_RPCBINDSOCK, sizeof(sun.sun_path)); + if (connect(sock, (struct sockaddr *)&sun, sizeof(sun)) == 0) { + close(sock); + return (TRUE); } close(sock); - return (TRUE); + return (FALSE); } #endif diff --git a/tirpc/rpc/rpcb_prot.h b/tirpc/rpc/rpcb_prot.h index 7ae48b805370..eb3a0c47f66a 100644 --- a/tirpc/rpc/rpcb_prot.h +++ b/tirpc/rpc/rpcb_prot.h @@ -477,6 +477,7 @@ extern bool_t xdr_netbuf(XDR *, struct netbuf *); #define RPCBVERS_4 RPCBVERS4 #define _PATH_RPCBINDSOCK "/var/run/rpcbind.sock" +#define _PATH_RPCBINDSOCK_ABSTRACT "\0/run/rpcbind.sock" #else /* ndef _KERNEL */ #ifdef __cplusplus diff --git a/tirpc/rpc/rpcb_prot.x b/tirpc/rpc/rpcb_prot.x index b21ac3d535f6..472c11ffedd6 100644 --- a/tirpc/rpc/rpcb_prot.x +++ b/tirpc/rpc/rpcb_prot.x @@ -411,6 +411,7 @@ program RPCBPROG { %#define RPCBVERS_4 RPCBVERS4 % %#define _PATH_RPCBINDSOCK "/var/run/rpcbind.sock" +%#define _PATH_RPCBINDSOCK_ABSTRACT "\0/run/rpcbind.sock" % %#else /* ndef _KERNEL */ %#ifdef __cplusplus