knfsd: nfsd: enforce per-flavor id squashing

Allow root squashing to vary per-pseudoflavor, so that you can (for example) allow root access only when sufficiently strong security is in use. Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu> Signed-off-by: Neil Brown <neilb@suse.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

knfsd: nfsd: enforce per-flavor id squashing
Allow root squashing to vary per-pseudoflavor, so that you can (for example) allow root access only when sufficiently strong security is in use. Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu> Signed-off-by: Neil Brown <neilb@suse.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
J. Bruce Fields · Linus Torvalds
1 parent 9091224f3c
Showing 2 changed files with 18 additions and 3 deletions Side-by-side Diff
fs/nfsd/auth.c
include/linux/nfsd/export.h
@@ -12,17 +12,31 @@
  
 #define	CAP_NFSD_MASK (CAP_FS_MASK|CAP_TO_MASK(CAP_SYS_RESOURCE))
  
+static int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp)
+{
+	struct exp_flavor_info *f;
+	struct exp_flavor_info *end = exp->ex_flavors + exp->ex_nflavors;
+
+	for (f = exp->ex_flavors; f < end; f++) {
+		if (f->pseudoflavor == rqstp->rq_flavor)
+			return f->flags;
+	}
+	return exp->ex_flags;
+
+}
+
 int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp)
 {
 	struct svc_cred	cred = rqstp->rq_cred;
 	int i;
+	int flags = nfsexp_flags(rqstp, exp);
 	int ret;
  
-	if (exp->ex_flags & NFSEXP_ALLSQUASH) {
+	if (flags & NFSEXP_ALLSQUASH) {
 		cred.cr_uid = exp->ex_anon_uid;
 		cred.cr_gid = exp->ex_anon_gid;
 		cred.cr_group_info = groups_alloc(0);
-	} else if (exp->ex_flags & NFSEXP_ROOTSQUASH) {
+	} else if (flags & NFSEXP_ROOTSQUASH) {
 		struct group_info *gi;
 		if (!cred.cr_uid)
 			cred.cr_uid = exp->ex_anon_uid;
@@ -43,7 +43,8 @@
 #define NFSEXP_ALLFLAGS		0xFE3F
  
 /* The flags that may vary depending on security flavor: */
-#define NFSEXP_SECINFO_FLAGS	0
+#define NFSEXP_SECINFO_FLAGS	(NFSEXP_READONLY | NFSEXP_ROOTSQUASH \
+					| NFSEXP_ALLSQUASH)
  
 #ifdef __KERNEL__
...	...	@@ -12,17 +12,31 @@
12	12
13	13	#define CAP_NFSD_MASK (CAP_FS_MASK\|CAP_TO_MASK(CAP_SYS_RESOURCE))
14	14
	15	+static int nfsexp_flags(struct svc_rqst rqstp, struct svc_export exp)
	16	+{
	17	+ struct exp_flavor_info *f;
	18	+ struct exp_flavor_info *end = exp->ex_flavors + exp->ex_nflavors;
	19	+
	20	+ for (f = exp->ex_flavors; f < end; f++) {
	21	+ if (f->pseudoflavor == rqstp->rq_flavor)
	22	+ return f->flags;
	23	+ }
	24	+ return exp->ex_flags;
	25	+
	26	+}
	27	+
15	28	int nfsd_setuser(struct svc_rqst rqstp, struct svc_export exp)
16	29	{
17	30	struct svc_cred cred = rqstp->rq_cred;
18	31	int i;
	32	+ int flags = nfsexp_flags(rqstp, exp);
19	33	int ret;
20	34
21		- if (exp->ex_flags & NFSEXP_ALLSQUASH) {
	35	+ if (flags & NFSEXP_ALLSQUASH) {
22	36	cred.cr_uid = exp->ex_anon_uid;
23	37	cred.cr_gid = exp->ex_anon_gid;
24	38	cred.cr_group_info = groups_alloc(0);
25		- } else if (exp->ex_flags & NFSEXP_ROOTSQUASH) {
	39	+ } else if (flags & NFSEXP_ROOTSQUASH) {
26	40	struct group_info *gi;
27	41	if (!cred.cr_uid)
28	42	cred.cr_uid = exp->ex_anon_uid;
...	...	@@ -43,7 +43,8 @@
43	43	#define NFSEXP_ALLFLAGS 0xFE3F
44	44
45	45	/* The flags that may vary depending on security flavor: */
46		-#define NFSEXP_SECINFO_FLAGS 0
	46	+#define NFSEXP_SECINFO_FLAGS (NFSEXP_READONLY \| NFSEXP_ROOTSQUASH \
	47	+ \| NFSEXP_ALLSQUASH)
47	48
48	49	#ifdef __KERNEL__
49	50