Re: [nfs-utils] [PATCH 0/3] rpc.mountd: fix some vulnerabilities

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 11/11/2014 06:00 PM, NeilBrown wrote:
>> Here is why they do not work: 
>> > 
>> > The fd that the write() is getting hung on, is not be created 
>> > by the 3 nfs_svc_create() calls in mountd:main(). Its
>> > being created by the accept() when the tcp connection
>> > is created (via SVC_RECV()), so making those fds coming 
>> > out of the nfs_svc_create() non-blocking does nothing. 
> Just to add to what Bodo replied:
> 
> SVC_RECV is a macro which calls .xp_recv, which in the TCP listen
> case is rendezvous_request.
> 
> rendezvous_request does the accept:
> 
>         if ((sock = accept(xprt->xp_fd, (struct sockaddr *)(void *)&addr,
>             &len)) < 0) {
> 
> and then
>         if (cd->maxrec != 0) {
>                 flags = fcntl(sock, F_GETFL, 0);
>                 if (flags  == -1)
>                         return (FALSE);
>                 if (fcntl(sock, F_SETFL, flags | O_NONBLOCK) == -1)
>                         return (FALSE);
>   
> so if cd->maxrec is not zero, O_NONBLOCK get set.
> 
> It gets set through an SVC_CONTROL -> xp_control -> svc_vc_rendezvous_control
> 
> call, which no-one ever makes, and it initialised to __svc_maxrec, which is
> set by the rpc_control() call that Bodo mentions.
> So providing rpc_control is called before the service is created, it should
> work fine.
> 
> I wonder why it didn't work for you...
Because I didn't apply the 3rd patch because it was marked
as experimental. I figured I would get the first two 
patches working and deal with it later... 

Plus although I did look at this code, I didn't notice the 
setting of the O_NONBLOCK on the fd from the accept.
Thanks for pointing it out.... 

steved.
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Filesystem Development]     [Linux USB Development]     [Linux Media Development]     [Video for Linux]     [Linux NILFS]     [Linux Audio Users]     [Yosemite Info]     [Linux SCSI]

  Powered by Linux