rpms/kernel/F-10 linux-2.6-nfsd-drop-cap-mknod-for-non-root.patch, NONE, 1.1.2.1 linux-2.6-nfsd-provide-encode-routine-for-op-openattr.patch, NONE, 1.1.2.1 kernel.spec, 1.1206.2.51, 1.1206.2.52

Wed Mar 18 21:36:20 UTC 2009

Author: cebbert

Update of /cvs/pkgs/rpms/kernel/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv3333

Modified Files:
      Tag: private-fedora-10-2_6_27
	kernel.spec 
Added Files:
      Tag: private-fedora-10-2_6_27
	linux-2.6-nfsd-drop-cap-mknod-for-non-root.patch 
	linux-2.6-nfsd-provide-encode-routine-for-op-openattr.patch 
Log Message:
Two nfsd fixes headed for -stable:
    linux-2.6-nfsd-drop-cap-mknod-for-non-root.patch
    linux-2.6-nfsd-provide-encode-routine-for-op-openattr.patch

linux-2.6-nfsd-drop-cap-mknod-for-non-root.patch:

--- NEW FILE linux-2.6-nfsd-drop-cap-mknod-for-non-root.patch ---
From: J. Bruce Fields <bfields at citi.umich.edu>
Date: Mon, 16 Mar 2009 22:34:20 +0000 (-0400)
Subject: nfsd: nfsd should drop CAP_MKNOD for non-root
X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=76a67ec6fb79ff3570dcb5342142c16098299911

nfsd: nfsd should drop CAP_MKNOD for non-root

Since creating a device node is normally an operation requiring special
privilege, Igor Zhbanov points out that it is surprising (to say the
least) that a client can, for example, create a device node on a
filesystem exported with root_squash.

So, make sure CAP_MKNOD is among the capabilities dropped when an nfsd
thread handles a request from a non-root user.

Reported-by: Igor Zhbanov <izh1979 at gmail.com>
Cc: stable at kernel.org
Signed-off-by: J. Bruce Fields <bfields at citi.umich.edu>
---

diff --git a/include/linux/capability.h b/include/linux/capability.h
index 1b98725..4864a43 100644
--- a/include/linux/capability.h
+++ b/include/linux/capability.h
@@ -393,8 +393,10 @@ struct cpu_vfs_cap_data {
 # define CAP_FULL_SET     ((kernel_cap_t){{ ~0, ~0 }})
 # define CAP_INIT_EFF_SET ((kernel_cap_t){{ ~CAP_TO_MASK(CAP_SETPCAP), ~0 }})
 # define CAP_FS_SET       ((kernel_cap_t){{ CAP_FS_MASK_B0, CAP_FS_MASK_B1 } })
-# define CAP_NFSD_SET     ((kernel_cap_t){{ CAP_FS_MASK_B0|CAP_TO_MASK(CAP_SYS_RESOURCE), \
-					CAP_FS_MASK_B1 } })
+# define CAP_NFSD_SET     ((kernel_cap_t){{ CAP_FS_MASK_B0 \
+					    | CAP_TO_MASK(CAP_SYS_RESOURCE) \
+					    | CAP_TO_MASK(CAP_MKNOD), \
+					    CAP_FS_MASK_B1 } })
 
 #endif /* _KERNEL_CAPABILITY_U32S != 2 */
 

linux-2.6-nfsd-provide-encode-routine-for-op-openattr.patch:

--- NEW FILE linux-2.6-nfsd-provide-encode-routine-for-op-openattr.patch ---
From: Benny Halevy <bhalevy at panasas.com>
Date: Wed, 4 Mar 2009 21:05:35 +0000 (+0200)
Subject: NFSD: provide encode routine for OP_OPENATTR
X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=84f09f46b4ee9e4e9b6381f8af31817516d2091b

NFSD: provide encode routine for OP_OPENATTR

Although this operation is unsupported by our implementation
we still need to provide an encode routine for it to
merely encode its (error) status back in the compound reply.

Thanks for Bill Baker at sun.com for testing with the Sun
OpenSolaris' client, finding, and reporting this bug at
Connectathon 2009.

This bug was introduced in 2.6.27

Signed-off-by: Benny Halevy <bhalevy at panasas.com>
Cc: stable at kernel.org
Signed-off-by: J. Bruce Fields <bfields at citi.umich.edu>
---

diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c
index f65953b..9250067 100644
--- a/fs/nfsd/nfs4xdr.c
+++ b/fs/nfsd/nfs4xdr.c
@@ -2596,6 +2596,7 @@ static nfsd4_enc nfsd4_enc_ops[] = {
 	[OP_LOOKUPP]		= (nfsd4_enc)nfsd4_encode_noop,
 	[OP_NVERIFY]		= (nfsd4_enc)nfsd4_encode_noop,
 	[OP_OPEN]		= (nfsd4_enc)nfsd4_encode_open,
+	[OP_OPENATTR]		= (nfsd4_enc)nfsd4_encode_noop,
 	[OP_OPEN_CONFIRM]	= (nfsd4_enc)nfsd4_encode_open_confirm,
 	[OP_OPEN_DOWNGRADE]	= (nfsd4_enc)nfsd4_encode_open_downgrade,
 	[OP_PUTFH]		= (nfsd4_enc)nfsd4_encode_noop,


Index: kernel.spec
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/F-10/kernel.spec,v
retrieving revision 1.1206.2.51
retrieving revision 1.1206.2.52
diff -u -r1.1206.2.51 -r1.1206.2.52
--- kernel.spec	18 Mar 2009 21:01:25 -0000	1.1206.2.51
+++ kernel.spec	18 Mar 2009 21:35:48 -0000	1.1206.2.52
@@ -653,6 +653,8 @@
 Patch687: linux-2.6-ipw2x00-age-scan-results-on-resume.patch
 
 Patch700: linux-2.6-nfs-client-mounts-hang.patch
+Patch701: linux-2.6-nfsd-drop-cap-mknod-for-non-root.patch
+Patch702: linux-2.6-nfsd-provide-encode-routine-for-op-openattr.patch
 
 Patch900: linux-2.6-uvc-hg.patch
 Patch901: linux-2.6-uvc-spca525.patch
@@ -1297,6 +1299,8 @@
 
 # NFS Client mounts hang when exported directory do not exist
 ApplyPatch linux-2.6-nfs-client-mounts-hang.patch
+ApplyPatch linux-2.6-nfsd-drop-cap-mknod-for-non-root.patch
+ApplyPatch linux-2.6-nfsd-provide-encode-routine-for-op-openattr.patch
 
 ApplyPatch linux-2.6-uvc-hg.patch
 ApplyPatch linux-2.6-uvc-spca525.patch
@@ -1962,6 +1966,11 @@
 %kernel_variant_files -k vmlinux %{with_kdump} kdump
 
 %changelog
+* Wed Mar 18 2009 Chuck Ebbert <cebbert at redhat.com>  2.6.27.20-170.2.52
+- Two nfsd fixes headed for -stable:
+    linux-2.6-nfsd-drop-cap-mknod-for-non-root.patch
+    linux-2.6-nfsd-provide-encode-routine-for-op-openattr.patch
+
 * Wed Mar 18 2009 Chuck Ebbert <cebbert at redhat.com>  2.6.27.20-170.2.51
 - Two small ext4 fixes from 2.6.29:
     linux-2.6.27-ext4-fix-bb-prealloc-list-corruption.patch


