Heya Steve- > On Feb 5, 2018, at 11:36 AM, Steve Dickson <steved@xxxxxxxxxx> wrote: > > Over the weekend I did some experimenting with > the remote call code in rpcbind. The code does > functionally work but is very antiquated when > it comes to the latest NFS versions. > > Since only UDP sockets are used to do remote calls > using the documented interfaces pmap_rmtcall() and callrpc() > calls to NFS will fail (actual times out) since UDP is no > longer supported. > > The undocumented interface rpc_call() can be used to > call into NFS since the protocol can specified, which > also means the PMAPPROC_CALLIT protocol is not used. > > It turns out privilege port are not needed to make > remote calls, at least with my testing. It's not quite clear what you are claiming here, but I'm guessing that what you demonstrated is that the CALLIT _listener_ does not have to be privileged? I claim that is true for all RPC listeners. > I'm thinking > the only reason privilege ports were being uses was > a side effect of create_rmtcall_fd() calling > svc_tli_create() with an unbound socket. Privileged listener ports are being created because svc_tli_create is using bindresvport when the passed in socket is not already bound. svc_tli_create should use bind instead, and it needs to choose a port higher than 49151. https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml > So the following patch simply binds the socket > before calling svc_tli_create() which means a > non-privilege port will be reserved for remote > calls. > > I'm thinking this is the simplest way to > not pollute the privilege port space. This is going in the right direction, but the problem needs to be addressed in svc_tli_create, not in each application that calls svc_tli_create. This is the same issue that Guillem Jover was trying to address by making bindresvport skip well-known ports. In other words: this code in src/svc_generic.c is wrong: 218 /* 219 * If the fd is unbound, try to bind it. 220 */ 221 if (madefd || !__rpc_sockisbound(fd)) { 222 if (bindaddr == NULL) { 223 if (bindresvport(fd, NULL) < 0) { ^^^^^^^^^^^^ 224 memset(&ss, 0, sizeof ss); 225 ss.ss_family = si.si_af; 226 if (bind(fd, (struct sockaddr *)(void *)&ss, 227 (socklen_t)si.si_alen) < 0) { 228 warnx( 229 "svc_tli_create: could not bind to anonymous port"); 230 goto freedata; 231 } 232 } 233 listen(fd, SOMAXCONN); 234 } else { 235 if (bind(fd, 236 (struct sockaddr *)bindaddr->addr.buf, 237 (socklen_t)si.si_alen) < 0) { 238 warnx( 239 "svc_tli_create: could not bind to requested address"); 240 goto freedata; 241 } 242 listen(fd, (int)bindaddr->qlen); 243 } 244 245 } > Steve Dickson (1): > rmtcalls: Don't use privileged ports for remote calls. > > src/rpcb_svc_com.c | 19 ++++++++++++++++++- > 1 file changed, 18 insertions(+), 1 deletion(-) -- Chuck Lever -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
