« Previous | Next » 

Revision c83849b3


Added by nthery over 5 years ago

nfs: init real/saved uid/gid in server-side credentials

When unmarshalling a request, the server constructs a ucred
structure (nfsrv_descript.nd_cr) from the credential data in the
RPC. It initializes only the effective uid and gid and leaves
the real and saved uid/gid unitialized. This effectively sets
the real/effective ids to root because nd_cr is first

As a consequence, now that accept(2) checks real uid/gid, all
accept calls to NFS files incorrectly succeed.

Fix this by initializing the real and saved uid/gid in nd_cr to
the same values as the real uid/gid (only the real uid/gid are
RPC'ed to the server).

NOTE: accept(2) and faccessat(2) to NFS files are still broken
in part because the client sends the effective uid/gid to the
server. I'll fix this once I've groked the uid magic in the NFS


  • added
  • modified
  • copied
  • renamed
  • deleted

View differences

Review assignments Add