On Mon, 2009-09-14 at 16:39 -0400, J. Bruce Fields wrote: > On Mon, Sep 14, 2009 at 04:17:32PM -0400, Trond Myklebust wrote: > > On Mon, 2009-09-14 at 16:04 -0400, J. Bruce Fields wrote: > > > On Mon, Sep 14, 2009 at 08:23:37PM +0300, Benny Halevy wrote: > > > > Where exactly is the NULL deref? > > > > > > > > > > > > > > Note--that's fixed 7 patches later in fsd41: Refactor create_client(), > > > > > but I don't actually understand how yet. > > > > > > > > unconf's cl_flavor initialization was moved in the latter patch > > > > from nfsd4_setclientid to create_client so maybe this could > > > > be the culprit (though, assuming it is initialized to 0 > > > > it will choosing implicitly authnull_ops in rpcauth_create() > > > > which _should_ work...) > > > > > > Oog, yes, turns out auth_null doesn't initialize the cred hashtable. So > > > also reproduceable by mounting with "mount -tnfs4 -osec=null", then > > > touching a file. So either we should be using some other interface, or > > > rpcauth_lookupcred should be checking au_credcache, or something. > > > > There shouldn't be a need for an auth_null hashtable. It isn't a > > credential... > > Got it. Looking at the code: I guess rpcauth_lookup_credcache is really > meant to be used only by auth types implementing their own cred lookups. > > Err, maybe I want the following? > > Or add a "lookup_machine_cred" helper to auth.c. Or use the > auth_generic stuff? > > --b. > > diff --git a/fs/nfsd/nfs4callback.c b/fs/nfsd/nfs4callback.c > index 77a6d10..b91cc8e 100644 > --- a/fs/nfsd/nfs4callback.c > +++ b/fs/nfsd/nfs4callback.c > @@ -450,6 +450,7 @@ static struct rpc_cred *lookup_cb_cred(struct nfs4_cb_conn *cb) > struct auth_cred acred = { > .machine_cred = 1 > }; > + struct rpc_auth *auth = cb->cb_client->cl_auth; > > /* > * Note in the gss case this doesn't actually have to wait for a > @@ -457,8 +458,7 @@ static struct rpc_cred *lookup_cb_cred(struct nfs4_cb_conn *cb) > * non-uptodate cred which the rpc state machine will fill in with > * a refresh_upcall later. > */ > - return rpcauth_lookup_credcache(cb->cb_client->cl_auth, &acred, > - RPCAUTH_LOOKUP_NEW); > + return auth->lookup_cred(auth, &acred, RPCAUTH_LOOKUP_NEW); > } > > void do_probe_callback(struct nfs4_client *clp) That looks better. There is no guarantee that auth flavours will implement a credcache... However, is there any reason why you can't just call rpc_lookup_machine_cred()? -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html