Home
My Posts

Archive
Login
Signup

Recent Posts

Free subdomains

Want your own xyz.kpaste.net sub-domain for your community? Just type the address into your browser address bar (foo.xyz.kpaste.net is also supported).

Suggestions/Bugs?

Email us at . Try to include as much info as possible.

About

Pastebin is a tool for collaborative debugging or editing.

 

msnfs41client: Patches for moving secctx to nfs41srvopen, secctx locking+misc, 2025-12-06
Posted by Anonymous on Tue 9th Dec 2025 19:40
raw | new post

Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.

Syntax highlighting: None Bash C C++ CSS Diff HTML mIRC Script Perl PHP Python Smarty XML ---------------------------- ABAP Actionscript ADA Apache Log AppleScript APT sources.list ASM ASP AutoIT Bash C C# C++ C++ (with QT) CSS Diff HTML INI (Config Files) Java Javascript Lua Make mIRC Script MySQL NSIS Perl PHP Python Q(uick)BASIC robots Ruby Ruby on Rails SDLBasic Smarty SQL TCL Text VB.NET Visual BASIC Visual Fox Pro Visual Prolog Windows Registry Files XML Xorg.conf

To highlight particular lines, prefix each line with {%HIGHLIGHT}
From 2b3ae315eb3046e02d91556b5556465359a579c4 Mon Sep 17 00:00:00 2001 From: Roland Mainz <roland.mainz@nrubsig.org> Date: Sat, 6 Dec 2025 18:32:30 +0100 Subject: [PATCH 1/3] sys: Move |SECURITY_CLIENT_CONTEXT| from |NFS41_FOBX| to |NFS41_SRV_OPEN| Move |SECURITY_CLIENT_CONTEXT| from |NFS41_FOBX| to |NFS41_SRV_OPEN|. Signed-off-by: Cedric Blancher <cedric.blancher@gmail.com> --- sys/nfs41sys_acl.c | 6 +-- sys/nfs41sys_buildconfig.h | 1 - sys/nfs41sys_dir.c | 3 +- sys/nfs41sys_driver.c | 66 ++++++++++++++------------ sys/nfs41sys_driver.h | 17 +++---- sys/nfs41sys_ea.c | 9 ++-- sys/nfs41sys_fileinfo.c | 6 +-- sys/nfs41sys_fsctl.c | 12 ++--- sys/nfs41sys_lock.c | 6 +-- sys/nfs41sys_openclose.c | 94 +++++++++++++------------------------- sys/nfs41sys_readwrite.c | 4 +- sys/nfs41sys_symlink.c | 6 +-- sys/nfs41sys_updowncall.c | 32 ------------- sys/nfs41sys_volinfo.c | 3 +- 14 files changed, 94 insertions(+), 171 deletions(-) diff --git a/sys/nfs41sys_acl.c b/sys/nfs41sys_acl.c index 0ab1f80..e9b0a6e 100644 --- a/sys/nfs41sys_acl.c +++ b/sys/nfs41sys_acl.c @@ -223,7 +223,6 @@ NTSTATUS nfs41_QuerySecurityInformation( { NTSTATUS status = STATUS_NOT_SUPPORTED; nfs41_updowncall_entry *entry = NULL; - __notnull PNFS41_FOBX nfs41_fobx = NFS41GetFobxExtension(RxContext->pFobx); __notnull PMRX_SRV_OPEN SrvOpen = RxContext->pRelevantSrvOpen; __notnull PNFS41_SRV_OPEN nfs41_srvopen = NFS41GetSrvOpenExtension(SrvOpen); __notnull PNFS41_FCB nfs41_fcb = NFS41GetFcbExtension(RxContext->pFcb); @@ -319,7 +318,7 @@ NTSTATUS nfs41_QuerySecurityInformation( DbgP("nfs41_QuerySecurityInformation: cached ACL info invalidated\n"); } - status = nfs41_UpcallCreate(NFS41_SYSOP_ACL_QUERY, &nfs41_fobx->sec_ctx, + status = nfs41_UpcallCreate(NFS41_SYSOP_ACL_QUERY, &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, SrvOpen->pAlreadyPrefixedName, &entry); if (status) goto out; @@ -439,7 +438,6 @@ NTSTATUS nfs41_SetSecurityInformation( { NTSTATUS status = STATUS_NOT_SUPPORTED; nfs41_updowncall_entry *entry = NULL; - __notnull PNFS41_FOBX nfs41_fobx = NFS41GetFobxExtension(RxContext->pFobx); __notnull PMRX_SRV_OPEN SrvOpen = RxContext->pRelevantSrvOpen; __notnull PNFS41_SRV_OPEN nfs41_srvopen = NFS41GetSrvOpenExtension(SrvOpen); __notnull PNFS41_V_NET_ROOT_EXTENSION pVNetRootContext = @@ -484,7 +482,7 @@ NTSTATUS nfs41_SetSecurityInformation( } } - status = nfs41_UpcallCreate(NFS41_SYSOP_ACL_SET, &nfs41_fobx->sec_ctx, + status = nfs41_UpcallCreate(NFS41_SYSOP_ACL_SET, &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, SrvOpen->pAlreadyPrefixedName, &entry); if (status) goto out; diff --git a/sys/nfs41sys_buildconfig.h b/sys/nfs41sys_buildconfig.h index dea5e1d..5df638e 100644 --- a/sys/nfs41sys_buildconfig.h +++ b/sys/nfs41sys_buildconfig.h @@ -93,7 +93,6 @@ #define ENABLE_COLLAPSEOPEN 1 #ifdef ENABLE_COLLAPSEOPEN #define WINBUG_NO_COLLAPSE_IF_PRIMARYGROUPS_DIFFER 1 -#define WINBUG_WORKAROUND_CLOSESRVOPEN_CALLED_AFTER_FOXB_CLEANUP 1 #endif /* ENABLE_COLLAPSEOPEN */ /* debugging printout defines */ diff --git a/sys/nfs41sys_dir.c b/sys/nfs41sys_dir.c index 60e5b50..77c2aca 100644 --- a/sys/nfs41sys_dir.c +++ b/sys/nfs41sys_dir.c @@ -236,7 +236,6 @@ NTSTATUS nfs41_QueryDirectory( NFS41GetVNetRootExtension(SrvOpen->pVNetRoot); __notnull PNFS41_NETROOT_EXTENSION pNetRootContext = NFS41GetNetRootExtension(SrvOpen->pVNetRoot->pNetRoot); - __notnull PNFS41_FOBX nfs41_fobx = NFS41GetFobxExtension(RxContext->pFobx); #ifdef ENABLE_TIMINGS LARGE_INTEGER t1, t2; t1 = KeQueryPerformanceCounter(NULL); @@ -269,7 +268,7 @@ NTSTATUS nfs41_QueryDirectory( status = STATUS_NOT_SUPPORTED; goto out; } - status = nfs41_UpcallCreate(NFS41_SYSOP_DIR_QUERY, &nfs41_fobx->sec_ctx, + status = nfs41_UpcallCreate(NFS41_SYSOP_DIR_QUERY, &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, SrvOpen->pAlreadyPrefixedName, &entry); if (status) goto out; diff --git a/sys/nfs41sys_driver.c b/sys/nfs41sys_driver.c index e043602..796b77f 100644 --- a/sys/nfs41sys_driver.c +++ b/sys/nfs41sys_driver.c @@ -841,7 +841,7 @@ out: } VOID nfs41_remove_fcb_entry( - PMRX_FCB fcb) + PMRX_SRV_OPEN SrvOpen) { PLIST_ENTRY pEntry; nfs41_fcb_list_entry *cur; @@ -851,9 +851,11 @@ VOID nfs41_remove_fcb_entry( while (!IsListEmpty(&openlist.head)) { cur = (nfs41_fcb_list_entry *)CONTAINING_RECORD(pEntry, nfs41_fcb_list_entry, next); - if (cur->fcb == fcb) { + if (cur->srvopen == SrvOpen) { #ifdef DEBUG_CLOSE - DbgP("nfs41_remove_fcb_entry: Found match for fcb=0x%p\n", fcb); + DbgP("nfs41_remove_fcb_entry: " + "Found match for fcb=0x%p srvopen=0x%p\n", + cur->srvopen->pFcb, cur->srvopen); #endif RemoveEntryList(pEntry); nfs41_free_nfs41_fcb_list_entry(cur); @@ -862,7 +864,7 @@ VOID nfs41_remove_fcb_entry( if (pEntry->Flink == &openlist.head) { #ifdef DEBUG_CLOSE DbgP("nfs41_remove_fcb_entry: reached EOL looking " - "for fcb 0x%p\n", fcb); + "for SrvOpen=0x%p\n", SrvOpen); #endif break; } @@ -885,8 +887,6 @@ NTSTATUS nfs41_DeallocateForFcb( { __notnull PNFS41_FCB nfs41_fcb = NFS41GetFcbExtension(pFcb); - nfs41_remove_fcb_entry(pFcb); - if (nfs41_fcb->aclcache.data) { RxFreePool(nfs41_fcb->aclcache.data); nfs41_fcb->aclcache.data = NULL; @@ -906,8 +906,8 @@ VOID nfs41_update_fcb_list( while (!IsListEmpty(&openlist.head)) { cur = (nfs41_fcb_list_entry *)CONTAINING_RECORD(pEntry, nfs41_fcb_list_entry, next); - if (cur->fcb == fcb && - cur->ChangeTime != ChangeTime) { + if ((cur->srvopen->pFcb == fcb) && + (cur->ChangeTime != ChangeTime)) { #if defined(DEBUG_FILE_SET) || defined(DEBUG_ACL_SET) || \ defined(DEBUG_WRITE) || defined(DEBUG_EA_SET) DbgP("nfs41_update_fcb_list: Found match for fcb 0x%p: " @@ -1022,7 +1022,8 @@ void enable_caching( while (!IsListEmpty(&openlist.head)) { cur = (nfs41_fcb_list_entry *)CONTAINING_RECORD(pEntry, nfs41_fcb_list_entry, next); - if (cur->fcb == SrvOpen->pFcb) { + if ((cur->srvopen != NULL) && + (cur->srvopen->pFcb == SrvOpen->pFcb)) { #ifdef DEBUG_TIME_BASED_COHERENCY DbgP("enable_caching: Looked&Found match for fcb=0x%p '%wZ'\n", SrvOpen->pFcb, SrvOpen->pAlreadyPrefixedName); @@ -1048,9 +1049,7 @@ void enable_caching( oentry = nfs41_allocate_nfs41_fcb_list_entry(); if (oentry == NULL) goto out_release_fcblistlock; - oentry->fcb = SrvOpen->pFcb; - oentry->session = session; - oentry->nfs41_fobx = nfs41_fobx; + oentry->srvopen = SrvOpen; oentry->ChangeTime = ChangeTime; oentry->skip = FALSE; InsertTailList(&openlist.head, &oentry->next); @@ -1326,36 +1325,45 @@ VOID fcbopen_main(PVOID ctx) nfs41_fcb_list_entry, next); #ifdef DEBUG_TIME_BASED_COHERENCY - DbgP("fcbopen_main: Checking attributes for fcb=0x%p " - "change_time=%llu skipping=%d\n", cur->fcb, - cur->ChangeTime, cur->skip); + DbgP("fcbopen_main: Checking attributes for srvopen=%0x%p fcb=0x%p " + "change_time=%llu skipping=%d\n", + cur->srvopen, + ((cur->srvopen != NULL)?cur->srvopen->pFcb:NULL), + cur->ChangeTime, + cur->skip); #endif if (cur->skip) goto out; + PNFS41_SRV_OPEN nfs41_srvopen = + NFS41GetSrvOpenExtension(cur->srvopen); + /* - * This can only happen if |nfs41_DeallocateForFobx()| + * This can only happen if |nfs41_CloseSrvOpen()| * was called */ - if ((!cur->nfs41_fobx) || (!cur->nfs41_fobx->sec_ctx.ClientToken)) + if ((nfs41_srvopen == NULL) || + (nfs41_srvopen->sec_ctx.ClientToken == NULL)) { goto out; + } + + PNFS41_V_NET_ROOT_EXTENSION pVNetRootContext = + NFS41GetVNetRootExtension(cur->srvopen->pVNetRoot); - if (!cur->nfs41_fobx->timebasedcoherency) { + if (!pVNetRootContext->timebasedcoherency) { #ifdef DEBUG_TIME_BASED_COHERENCY DbgP("fcbopen_main: timebasedcoherency disabled for " - "fcb=0x%p, nfs41_fobx=0x%p\n", cur->fcb, cur->nfs41_fobx); + "fcb=0x%p\n", cur->srvopen->pFcb); #endif goto out; } pNetRootContext = - NFS41GetNetRootExtension(cur->fcb->pNetRoot); - PNFS41_SRV_OPEN nfs41_srvopen = - NFS41GetSrvOpenExtension(cur->srvopen); + NFS41GetNetRootExtension(cur->srvopen->pFcb->pNetRoot); /* place an upcall for this srv_open */ status = nfs41_UpcallCreate( NFS41_SYSOP_FILE_QUERY_TIME_BASED_COHERENCY, - &cur->nfs41_fobx->sec_ctx, cur->session, + &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, NULL, &entry); if (status) goto out; @@ -1377,9 +1385,9 @@ VOID fcbopen_main(PVOID ctx) #endif cur->ChangeTime = entry->ChangeTime; cur->skip = TRUE; - psrvEntry = &cur->fcb->SrvOpenList; + psrvEntry = &cur->srvopen->pFcb->SrvOpenList; psrvEntry = psrvEntry->Flink; - while (!IsListEmpty(&cur->fcb->SrvOpenList)) { + while (!IsListEmpty(&cur->srvopen->pFcb->SrvOpenList)) { srv_open = (PMRX_SRV_OPEN)CONTAINING_RECORD(psrvEntry, MRX_SRV_OPEN, SrvOpenQLinks); if (srv_open->DesiredAccess & @@ -1389,20 +1397,20 @@ VOID fcbopen_main(PVOID ctx) "************\n", srv_open->pAlreadyPrefixedName); #endif RxIndicateChangeOfBufferingStateForSrvOpen( - cur->fcb->pNetRoot->pSrvCall, srv_open, + cur->srvopen->pFcb->pNetRoot->pSrvCall, srv_open, srv_open->Key, ULongToPtr(flag)); } - if (psrvEntry->Flink == &cur->fcb->SrvOpenList) { + if (psrvEntry->Flink == &cur->srvopen->pFcb->SrvOpenList) { #ifdef DEBUG_TIME_BASED_COHERENCY DbgP("fcbopen_main: reached end of srvopen for fcb 0x%p\n", - cur->fcb); + cur->srvopen->pFcb); #endif break; } psrvEntry = psrvEntry->Flink; }; } - nfs41_fcb = NFS41GetFcbExtension(cur->fcb); + nfs41_fcb = NFS41GetFcbExtension(cur->srvopen->pFcb); nfs41_fcb->changeattr = entry->ChangeTime; out: nfs41_UpcallDestroy(entry); diff --git a/sys/nfs41sys_driver.h b/sys/nfs41sys_driver.h index d6bd5ca..a998ed6 100644 --- a/sys/nfs41sys_driver.h +++ b/sys/nfs41sys_driver.h @@ -503,6 +503,12 @@ typedef struct _NFS41_FCB { typedef struct _NFS41_SRV_OPEN { BOOLEAN initialised; + /* + * |sec_ctx| must be per |SRV_OPEN| to handle newgrp()/|setgid()| + * support. But this only works if we prevent |SRV_OPEN| collapsing + * if the PrimaryGroups of the SRV_OPENs are not the same + */ + SECURITY_CLIENT_CONTEXT sec_ctx; HANDLE nfs41_open_state; nfs41_open_delegation_type deleg_type; #ifdef WINBUG_NO_COLLAPSE_IF_PRIMARYGROUPS_DIFFER @@ -527,14 +533,8 @@ typedef struct _NFS41_FOBX { NODE_TYPE_CODE NodeTypeCode; NODE_BYTE_SIZE NodeByteSize; - /* - * |sec_ctx| must be per |FILE_OBJECT| to handle newgrp()1/|setgid()| - * support - */ - SECURITY_CLIENT_CONTEXT sec_ctx; BOOLEAN write_thru; BOOLEAN nocache; - BOOLEAN timebasedcoherency; } NFS41_FOBX, *PNFS41_FOBX; #define NFS41GetFobxExtension(pFobx) \ (((pFobx) == NULL) ? NULL : (PNFS41_FOBX)((pFobx)->Context)) @@ -561,10 +561,7 @@ typedef struct _NFS41_DEVICE_EXTENSION { typedef struct _nfs41_fcb_list_entry { LIST_ENTRY next; - PMRX_FCB fcb; PMRX_SRV_OPEN srvopen; - HANDLE session; - PNFS41_FOBX nfs41_fobx; ULONGLONG ChangeTime; BOOLEAN skip; } nfs41_fcb_list_entry; @@ -652,7 +649,7 @@ NTSTATUS map_symlink_errors( NTSTATUS status); VOID nfs41_remove_fcb_entry( - PMRX_FCB fcb); + PMRX_SRV_OPEN SrvOpen); /* nfs41sys_acl.c */ NTSTATUS marshal_nfs41_getacl( diff --git a/sys/nfs41sys_ea.c b/sys/nfs41sys_ea.c index 8ba33f4..8499cbc 100644 --- a/sys/nfs41sys_ea.c +++ b/sys/nfs41sys_ea.c @@ -355,7 +355,6 @@ NTSTATUS nfs41_SetEaInformation( __notnull PNFS41_NETROOT_EXTENSION pNetRootContext = NFS41GetNetRootExtension(SrvOpen->pVNetRoot->pNetRoot); __notnull PNFS41_FCB nfs41_fcb = NFS41GetFcbExtension(RxContext->pFcb); - __notnull PNFS41_FOBX nfs41_fobx = NFS41GetFobxExtension(RxContext->pFobx); #ifdef ENABLE_TIMINGS LARGE_INTEGER t1, t2; t1 = KeQueryPerformanceCounter(NULL); @@ -371,7 +370,7 @@ NTSTATUS nfs41_SetEaInformation( status = check_nfs41_setea_args(RxContext); if (status) goto out; - status = nfs41_UpcallCreate(NFS41_SYSOP_EA_SET, &nfs41_fobx->sec_ctx, + status = nfs41_UpcallCreate(NFS41_SYSOP_EA_SET, &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, SrvOpen->pAlreadyPrefixedName, &entry); if (status) goto out; @@ -486,7 +485,6 @@ NTSTATUS QueryCygwinSymlink( NFS41GetVNetRootExtension(SrvOpen->pVNetRoot); __notnull PNFS41_NETROOT_EXTENSION NetRootContext = NFS41GetNetRootExtension(SrvOpen->pVNetRoot->pNetRoot); - __notnull PNFS41_FOBX Fobx = NFS41GetFobxExtension(RxContext->pFobx); nfs41_updowncall_entry *entry = NULL; UNICODE_STRING TargetName; const USHORT HeaderLen = FIELD_OFFSET(FILE_FULL_EA_INFORMATION, EaName) + @@ -503,7 +501,7 @@ NTSTATUS QueryCygwinSymlink( TargetName.MaximumLength = (USHORT)min(RxContext->Info.LengthRemaining - HeaderLen, 0xFFFF); - status = nfs41_UpcallCreate(NFS41_SYSOP_SYMLINK_GET, &Fobx->sec_ctx, + status = nfs41_UpcallCreate(NFS41_SYSOP_SYMLINK_GET, &nfs41_srvopen->sec_ctx, VNetRootContext->session, nfs41_srvopen->nfs41_open_state, NetRootContext->nfs41d_version, SrvOpen->pAlreadyPrefixedName, &entry); if (status) goto out; @@ -638,7 +636,6 @@ NTSTATUS nfs41_QueryEaInformation( NFS41GetVNetRootExtension(SrvOpen->pVNetRoot); __notnull PNFS41_NETROOT_EXTENSION pNetRootContext = NFS41GetNetRootExtension(SrvOpen->pVNetRoot->pNetRoot); - __notnull PNFS41_FOBX nfs41_fobx = NFS41GetFobxExtension(RxContext->pFobx); #ifdef ENABLE_TIMINGS LARGE_INTEGER t1, t2; t1 = KeQueryPerformanceCounter(NULL); @@ -660,7 +657,7 @@ NTSTATUS nfs41_QueryEaInformation( if (status != STATUS_NONEXISTENT_EA_ENTRY) goto out; - status = nfs41_UpcallCreate(NFS41_SYSOP_EA_GET, &nfs41_fobx->sec_ctx, + status = nfs41_UpcallCreate(NFS41_SYSOP_EA_GET, &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, SrvOpen->pAlreadyPrefixedName, &entry); if (status) goto out; diff --git a/sys/nfs41sys_fileinfo.c b/sys/nfs41sys_fileinfo.c index b1642bf..203c503 100644 --- a/sys/nfs41sys_fileinfo.c +++ b/sys/nfs41sys_fileinfo.c @@ -211,7 +211,6 @@ NTSTATUS nfs41_QueryFileInformation( __notnull PNFS41_NETROOT_EXTENSION pNetRootContext = NFS41GetNetRootExtension(SrvOpen->pVNetRoot->pNetRoot); __notnull PNFS41_FCB nfs41_fcb = NFS41GetFcbExtension(RxContext->pFcb); - __notnull PNFS41_FOBX nfs41_fobx = NFS41GetFobxExtension(RxContext->pFobx); #ifdef ENABLE_TIMINGS LARGE_INTEGER t1, t2; t1 = KeQueryPerformanceCounter(NULL); @@ -407,7 +406,7 @@ NTSTATUS nfs41_QueryFileInformation( goto out; } - status = nfs41_UpcallCreate(NFS41_SYSOP_FILE_QUERY, &nfs41_fobx->sec_ctx, + status = nfs41_UpcallCreate(NFS41_SYSOP_FILE_QUERY, &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, SrvOpen->pAlreadyPrefixedName, &entry); if (status) { @@ -683,7 +682,6 @@ NTSTATUS nfs41_SetFileInformationImpl( __notnull PNFS41_NETROOT_EXTENSION pNetRootContext = NFS41GetNetRootExtension(SrvOpen->pVNetRoot->pNetRoot); __notnull PNFS41_FCB nfs41_fcb = NFS41GetFcbExtension(RxContext->pFcb); - __notnull PNFS41_FOBX nfs41_fobx = NFS41GetFobxExtension(RxContext->pFobx); #ifdef ENABLE_TIMINGS LARGE_INTEGER t1, t2; t1 = KeQueryPerformanceCounter(NULL); @@ -789,7 +787,7 @@ NTSTATUS nfs41_SetFileInformationImpl( } } - status = nfs41_UpcallCreate(opcode, &nfs41_fobx->sec_ctx, + status = nfs41_UpcallCreate(opcode, &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, SrvOpen->pAlreadyPrefixedName, &entry); if (status) goto out; diff --git a/sys/nfs41sys_fsctl.c b/sys/nfs41sys_fsctl.c index d39544f..b79fd30 100644 --- a/sys/nfs41sys_fsctl.c +++ b/sys/nfs41sys_fsctl.c @@ -140,7 +140,6 @@ NTSTATUS nfs41_QueryAllocatedRanges( __notnull PFILE_ALLOCATED_RANGE_BUFFER out_range_buffer = (PFILE_ALLOCATED_RANGE_BUFFER)FsCtl->pOutputBuffer; ULONG out_range_buffer_len = FsCtl->OutputBufferLength; - __notnull PNFS41_FOBX nfs41_fobx = NFS41GetFobxExtension(RxContext->pFobx); DbgEn(); @@ -160,7 +159,7 @@ NTSTATUS nfs41_QueryAllocatedRanges( (long long)in_range_buffer->Length.QuadPart); status = nfs41_UpcallCreate(NFS41_SYSOP_FSCTL_QUERYALLOCATEDRANGES, - &nfs41_fobx->sec_ctx, + &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, @@ -458,7 +457,6 @@ NTSTATUS nfs41_SetZeroData( &RxContext->LowIoContext.ParamsFor.FsCtl; __notnull const PFILE_ZERO_DATA_INFORMATION setzerodatabuffer = (const PFILE_ZERO_DATA_INFORMATION)FsCtl->pInputBuffer; - __notnull PNFS41_FOBX nfs41_fobx = NFS41GetFobxExtension(RxContext->pFobx); bool fcb_locked_exclusive = false; DbgEn(); @@ -508,7 +506,7 @@ NTSTATUS nfs41_SetZeroData( (void)RxPurgeFcbInSystemCache((PFCB)RxContext->pFcb, NULL, 0L, TRUE, TRUE); status = nfs41_UpcallCreate(NFS41_SYSOP_FSCTL_SET_ZERO_DATA, - &nfs41_fobx->sec_ctx, + &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, @@ -649,7 +647,6 @@ NTSTATUS nfs41_DuplicateData( NFS41GetNetRootExtension(SrvOpen->pVNetRoot->pNetRoot); __notnull XXCTL_LOWIO_COMPONENT *FsCtl = &RxContext->LowIoContext.ParamsFor.FsCtl; - __notnull PNFS41_FOBX nfs41_fobx = NFS41GetFobxExtension(RxContext->pFobx); PFCB srcfcb = NULL; PFOBX srcfox = NULL; bool src_fcb_locked_exclusive = false; @@ -818,7 +815,7 @@ NTSTATUS nfs41_DuplicateData( (void)RxPurgeFcbInSystemCache((PFCB)RxContext->pFcb, NULL, 0L, TRUE, TRUE); status = nfs41_UpcallCreate(NFS41_SYSOP_FSCTL_DUPLICATE_DATA, - &nfs41_fobx->sec_ctx, + &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, @@ -1207,7 +1204,6 @@ NTSTATUS nfs41_OffloadWrite( NFS41GetNetRootExtension(SrvOpen->pVNetRoot->pNetRoot); __notnull const XXCTL_LOWIO_COMPONENT *FsCtl = &RxContext->LowIoContext.ParamsFor.FsCtl; - __notnull PNFS41_FOBX nfs41_fobx = NFS41GetFobxExtension(RxContext->pFobx); offloadcontext_entry *src_oce = NULL; bool src_fcb_locked_exclusive = false; bool dest_fcb_locked_exclusive = false; @@ -1352,7 +1348,7 @@ NTSTATUS nfs41_OffloadWrite( (void)RxPurgeFcbInSystemCache((PFCB)RxContext->pFcb, NULL, 0L, TRUE, TRUE); status = nfs41_UpcallCreate(NFS41_SYSOP_FSCTL_OFFLOAD_DATACOPY, - &nfs41_fobx->sec_ctx, + &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, diff --git a/sys/nfs41sys_lock.c b/sys/nfs41sys_lock.c index 71a7dec..85d6c32 100644 --- a/sys/nfs41sys_lock.c +++ b/sys/nfs41sys_lock.c @@ -266,7 +266,6 @@ NTSTATUS nfs41_Lock( NTSTATUS status = STATUS_SUCCESS; nfs41_updowncall_entry *entry = NULL; PLOWIO_CONTEXT LowIoContext = &RxContext->LowIoContext; - __notnull PNFS41_FOBX nfs41_fobx = NFS41GetFobxExtension(RxContext->pFobx); __notnull PMRX_SRV_OPEN SrvOpen = RxContext->pRelevantSrvOpen; __notnull PNFS41_SRV_OPEN nfs41_srvopen = NFS41GetSrvOpenExtension(SrvOpen); __notnull PNFS41_V_NET_ROOT_EXTENSION pVNetRootContext = @@ -301,7 +300,7 @@ NTSTATUS nfs41_Lock( } #endif /* NFS41_DRIVER_HACK_LOCKING_STORAGE32_RANGELOCK_PROBING */ - status = nfs41_UpcallCreate(NFS41_SYSOP_LOCK, &nfs41_fobx->sec_ctx, + status = nfs41_UpcallCreate(NFS41_SYSOP_LOCK, &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, SrvOpen->pAlreadyPrefixedName, &entry); if (status) goto out; @@ -378,7 +377,6 @@ NTSTATUS nfs41_Unlock( NTSTATUS status = STATUS_SUCCESS; nfs41_updowncall_entry *entry = NULL; PLOWIO_CONTEXT LowIoContext = &RxContext->LowIoContext; - __notnull PNFS41_FOBX nfs41_fobx = NFS41GetFobxExtension(RxContext->pFobx); __notnull PMRX_SRV_OPEN SrvOpen = RxContext->pRelevantSrvOpen; __notnull PNFS41_SRV_OPEN nfs41_srvopen = NFS41GetSrvOpenExtension(SrvOpen); __notnull PNFS41_V_NET_ROOT_EXTENSION pVNetRootContext = @@ -416,7 +414,7 @@ NTSTATUS nfs41_Unlock( } #endif /* NFS41_DRIVER_HACK_LOCKING_STORAGE32_RANGELOCK_PROBING */ - status = nfs41_UpcallCreate(NFS41_SYSOP_UNLOCK, &nfs41_fobx->sec_ctx, + status = nfs41_UpcallCreate(NFS41_SYSOP_UNLOCK, &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, SrvOpen->pAlreadyPrefixedName, &entry); if (status) goto out; diff --git a/sys/nfs41sys_openclose.c b/sys/nfs41sys_openclose.c index 57b10d5..6934223 100644 --- a/sys/nfs41sys_openclose.c +++ b/sys/nfs41sys_openclose.c @@ -383,40 +383,6 @@ NTSTATUS nfs41_AreFilesAliased( } } -static -VOID nfs41_invalidate_fobx_entry( - IN OUT PMRX_FOBX pFobx) -{ - PLIST_ENTRY pEntry; - nfs41_fcb_list_entry *cur; - __notnull PNFS41_FOBX nfs41_fobx = NFS41GetFobxExtension(pFobx); - - ExAcquireFastMutexUnsafe(&openlist.lock); - - pEntry = openlist.head.Flink; - while (!IsListEmpty(&openlist.head)) { - cur = (nfs41_fcb_list_entry *)CONTAINING_RECORD(pEntry, - nfs41_fcb_list_entry, next); - if (cur->nfs41_fobx == nfs41_fobx) { -#ifdef DEBUG_CLOSE - DbgP("nfs41_invalidate_fobx_entry: Found match for nfs41_fobx=0x%p\n", - nfs41_fobx); -#endif - cur->nfs41_fobx = NULL; - break; - } - if (pEntry->Flink == &openlist.head) { -#ifdef DEBUG_CLOSE - DbgP("nfs41_invalidate_fobx_entry: reached EOL looking " - "for nfs41_fobx=0x%p\n", nfs41_fobx); -#endif - break; - } - pEntry = pEntry->Flink; - } - ExReleaseFastMutexUnsafe(&openlist.lock); -} - static BOOLEAN isDataAccess( ACCESS_MASK mask) { @@ -693,8 +659,7 @@ NTSTATUS nfs41_createnetfobx( PRX_CONTEXT RxContext, PMRX_SRV_OPEN SrvOpen) { - NTSTATUS status; - PNFS41_FOBX nfs41_fobx; + NTSTATUS status = STATUS_SUCCESS; RxContext->pFobx = RxCreateNetFobx(RxContext, SrvOpen); if (RxContext->pFobx == NULL) { @@ -702,9 +667,6 @@ NTSTATUS nfs41_createnetfobx( goto out; } - nfs41_fobx = NFS41GetFobxExtension(RxContext->pFobx); - status = nfs41_get_sec_ctx(SecurityImpersonation, &nfs41_fobx->sec_ctx); - out: return status; } @@ -752,6 +714,16 @@ NTSTATUS nfs41_Create( ExInitializeFastMutex(&nfs41_fcb->aclcache.lock); } + if (nfs41_srvopen->sec_ctx.ClientToken == NULL) { + status = nfs41_get_sec_ctx(SecurityImpersonation, + &nfs41_srvopen->sec_ctx); + if (status) { + DbgP("nfs41_Create: nfs41_get_sec_ctx() failed, status=0x%lx\n", + (long)status); + goto out; + } + } + if (nfs41_srvopen->initialised == FALSE) { nfs41_srvopen->initialised = TRUE; #ifdef WINBUG_NO_COLLAPSE_IF_PRIMARYGROUPS_DIFFER @@ -799,7 +771,7 @@ NTSTATUS nfs41_Create( SdBuffer, SdLength); #endif /* NFS41_DRIVER_ALLOW_CREATEFILE_ACLS */ - status = nfs41_UpcallCreate(NFS41_SYSOP_OPEN, NULL, + status = nfs41_UpcallCreate(NFS41_SYSOP_OPEN, &nfs41_srvopen->sec_ctx, pVNetRootContext->session, INVALID_HANDLE_VALUE, pNetRootContext->nfs41d_version, SrvOpen->pAlreadyPrefixedName, &entry); @@ -1262,7 +1234,6 @@ retry_on_link: (FCB_STATE_READBUFFERING_ENABLED | FCB_STATE_READCACHING_ENABLED); } - nfs41_fobx->timebasedcoherency = pVNetRootContext->timebasedcoherency; if (pVNetRootContext->nocache || (params->CreateOptions & FILE_NO_INTERMEDIATE_BUFFERING)) { #ifdef DEBUG_OPEN @@ -1282,10 +1253,7 @@ retry_on_link: status = STATUS_INSUFFICIENT_RESOURCES; goto out; } - oentry->fcb = RxContext->pFcb; oentry->srvopen = SrvOpen; - oentry->nfs41_fobx = nfs41_fobx; - oentry->session = pVNetRootContext->session; oentry->ChangeTime = entry->ChangeTime; oentry->skip = FALSE; nfs41_AddEntry(openlist.lock, openlist, oentry); @@ -1305,6 +1273,13 @@ retry_on_link: status = RxContext->CurrentIrp->IoStatus.Status = STATUS_SUCCESS; out: + if (status) { + if (nfs41_srvopen->sec_ctx.ClientToken) { + SeDeleteClientSecurity(&nfs41_srvopen->sec_ctx); + nfs41_srvopen->sec_ctx.ClientToken = NULL; + } + } + if (fcb_locked_exclusive) { RxReleaseFcbResourceInMRx(Fcb); } @@ -1536,7 +1511,6 @@ NTSTATUS nfs41_CloseSrvOpen( __notnull PNFS41_NETROOT_EXTENSION pNetRootContext = NFS41GetNetRootExtension(SrvOpen->pVNetRoot->pNetRoot); __notnull PNFS41_FCB nfs41_fcb = NFS41GetFcbExtension(RxContext->pFcb); - __notnull PNFS41_FOBX nfs41_fobx = NFS41GetFobxExtension(RxContext->pFobx); #ifdef ENABLE_TIMINGS LARGE_INTEGER t1, t2; t1 = KeQueryPerformanceCounter(NULL); @@ -1548,13 +1522,14 @@ NTSTATUS nfs41_CloseSrvOpen( #endif FsRtlEnterFileSystem(); - if (IS_NFS41_OPEN_DELEGATE_NONE(nfs41_srvopen->deleg_type) && - !nfs41_fcb->StandardInfo.Directory && - RxContext->pFcb->OpenCount == 0) { - nfs41_remove_fcb_entry(RxContext->pFcb); - } + /* + * Remove these BEOFRE doing the |NFS41_SYSOP_CLOSE|, so noone can issue + * a request while the NFS file handle is being destroyed + */ + nfs41_remove_fcb_entry(SrvOpen); + nfs41_remove_offloadcontext_for_srvopen(SrvOpen); - status = nfs41_UpcallCreate(NFS41_SYSOP_CLOSE, &nfs41_fobx->sec_ctx, + status = nfs41_UpcallCreate(NFS41_SYSOP_CLOSE, &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, SrvOpen->pAlreadyPrefixedName, &entry); if (status) goto out; @@ -1580,12 +1555,14 @@ NTSTATUS nfs41_CloseSrvOpen( goto out; } + if (nfs41_srvopen->sec_ctx.ClientToken != NULL) { + SeDeleteClientSecurity(&nfs41_srvopen->sec_ctx); + nfs41_srvopen->sec_ctx.ClientToken = NULL; + } + /* map windows ERRORs to NTSTATUS */ status = map_close_errors(entry->status); - if (NT_SUCCESS(status)) { - nfs41_remove_offloadcontext_for_srvopen(SrvOpen); - } out: if (entry) { nfs41_UpcallDestroy(entry); @@ -1610,19 +1587,10 @@ out: NTSTATUS nfs41_DeallocateForFobx( IN OUT PMRX_FOBX pFobx) { - __notnull PNFS41_FOBX nfs41_fobx = NFS41GetFobxExtension(pFobx); - #ifdef DEBUG_CLOSE DbgP("nfs41_DeallocateForFobx: FileName is '%wZ'\n", pFobx->pSrvOpen->pAlreadyPrefixedName); #endif /* DEBUG_CLOSE */ - nfs41_invalidate_fobx_entry(pFobx); - - if (nfs41_fobx->sec_ctx.ClientToken) { - SeDeleteClientSecurity(&nfs41_fobx->sec_ctx); - nfs41_fobx->sec_ctx.ClientToken = NULL; - } - return STATUS_SUCCESS; } diff --git a/sys/nfs41sys_readwrite.c b/sys/nfs41sys_readwrite.c index 75145a5..f8b2090 100644 --- a/sys/nfs41sys_readwrite.c +++ b/sys/nfs41sys_readwrite.c @@ -258,7 +258,7 @@ NTSTATUS nfs41_Read( status = check_nfs41_read_args(RxContext); if (status) goto out; - status = nfs41_UpcallCreate(NFS41_SYSOP_READ, &nfs41_fobx->sec_ctx, + status = nfs41_UpcallCreate(NFS41_SYSOP_READ, &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, SrvOpen->pAlreadyPrefixedName, &entry); if (status) goto out; @@ -387,7 +387,7 @@ NTSTATUS nfs41_Write( status = check_nfs41_write_args(RxContext); if (status) goto out; - status = nfs41_UpcallCreate(NFS41_SYSOP_WRITE, &nfs41_fobx->sec_ctx, + status = nfs41_UpcallCreate(NFS41_SYSOP_WRITE, &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, SrvOpen->pAlreadyPrefixedName, &entry); if (status) goto out; diff --git a/sys/nfs41sys_symlink.c b/sys/nfs41sys_symlink.c index c157164..5ed5cfe 100644 --- a/sys/nfs41sys_symlink.c +++ b/sys/nfs41sys_symlink.c @@ -257,7 +257,6 @@ NTSTATUS nfs41_SetSymlinkReparsePoint( __notnull XXCTL_LOWIO_COMPONENT *FsCtl = &RxContext->LowIoContext.ParamsFor.FsCtl; __notnull const PREPARSE_DATA_BUFFER Reparse = (const PREPARSE_DATA_BUFFER)FsCtl->pInputBuffer; - __notnull PNFS41_FOBX Fobx = NFS41GetFobxExtension(RxContext->pFobx); __notnull PMRX_SRV_OPEN SrvOpen = RxContext->pRelevantSrvOpen; __notnull PNFS41_SRV_OPEN nfs41_srvopen = NFS41GetSrvOpenExtension(SrvOpen); __notnull PNFS41_V_NET_ROOT_EXTENSION VNetRootContext = @@ -416,7 +415,7 @@ NTSTATUS nfs41_SetSymlinkReparsePoint( } } - status = nfs41_UpcallCreate(NFS41_SYSOP_SYMLINK_SET, &Fobx->sec_ctx, + status = nfs41_UpcallCreate(NFS41_SYSOP_SYMLINK_SET, &nfs41_srvopen->sec_ctx, VNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, SrvOpen->pAlreadyPrefixedName, &entry); if (status) goto out; @@ -568,7 +567,6 @@ NTSTATUS nfs41_GetSymlinkReparsePoint( NTSTATUS status; UNICODE_STRING TargetName; XXCTL_LOWIO_COMPONENT *FsCtl = &RxContext->LowIoContext.ParamsFor.FsCtl; - __notnull PNFS41_FOBX Fobx = NFS41GetFobxExtension(RxContext->pFobx); __notnull PMRX_SRV_OPEN SrvOpen = RxContext->pRelevantSrvOpen; __notnull PNFS41_SRV_OPEN nfs41_srvopen = NFS41GetSrvOpenExtension(SrvOpen); __notnull PNFS41_V_NET_ROOT_EXTENSION VNetRootContext = @@ -603,7 +601,7 @@ NTSTATUS nfs41_GetSymlinkReparsePoint( TargetName.Buffer = targetname_buffer; TargetName.MaximumLength = (USHORT)targetname_buffer_len; - status = nfs41_UpcallCreate(NFS41_SYSOP_SYMLINK_GET, &Fobx->sec_ctx, + status = nfs41_UpcallCreate(NFS41_SYSOP_SYMLINK_GET, &nfs41_srvopen->sec_ctx, VNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, SrvOpen->pAlreadyPrefixedName, &entry); if (status) goto out; diff --git a/sys/nfs41sys_updowncall.c b/sys/nfs41sys_updowncall.c index 4a44f2b..6e32ef7 100644 --- a/sys/nfs41sys_updowncall.c +++ b/sys/nfs41sys_updowncall.c @@ -383,38 +383,6 @@ NTSTATUS nfs41_UpcallCreate( KeInitializeEvent(&entry->cond, SynchronizationEvent, FALSE); ExInitializeFastMutex(&entry->lock); -#ifdef WINBUG_WORKAROUND_CLOSESRVOPEN_CALLED_AFTER_FOXB_CLEANUP - /* - * HACK: Workaround the RDBSS bug where |RxPurgeRelatedFobxs()| first - * destroyes a FOBX via |RxFinalizeNetFobx()|,and then calls - * |nfs41_CloseSrvOpen()| to close the SRV_OPEN with the same FOBX, - * which results in |clnt_sec_ctx->ClientToken == NULL|. - * - * Without the workaround we crash like this, because - * |clnt_sec_ctx->ClientToken == NULL|: - * ---- snip ---- - * nt!ObfReferenceObject - * nfs41_driver!nfs41_UpcallCreate - * nfs41_driver!nfs41_CloseSrvOpen - * nfs41_driver!RxCloseAssociatedSrvOpen - * nfs41_driver!RxFinalizeNetFobx - * nfs41_driver!RxDereference - * nfs41_driver!RxPurgeRelatedFobxs - * nfs41_driver!RxCommonSetInformation - * nfs41_driver!RxFsdCommonDispatch - * nfs41_driver!RxFsdDispatch - * nfs41_driver!nfs41_FsdDispatch - * ---- snip ---- - */ - if (opcode == NFS41_SYSOP_CLOSE) { - if (clnt_sec_ctx) { - if (clnt_sec_ctx->ClientToken == NULL) { - clnt_sec_ctx = NULL; - } - } - } -#endif /* WINBUG_WORKAROUND_CLOSESRVOPEN_CALLED_AFTER_FOXB_CLEANUP */ - if (clnt_sec_ctx == NULL) { SeCaptureSubjectContext(&sec_ctx); sec_qos.ContextTrackingMode = SECURITY_STATIC_TRACKING; diff --git a/sys/nfs41sys_volinfo.c b/sys/nfs41sys_volinfo.c index 10b9c61..d2484b6 100644 --- a/sys/nfs41sys_volinfo.c +++ b/sys/nfs41sys_volinfo.c @@ -158,7 +158,6 @@ NTSTATUS nfs41_QueryVolumeInformation( NFS41GetVNetRootExtension(SrvOpen->pVNetRoot); __notnull PNFS41_NETROOT_EXTENSION pNetRootContext = NFS41GetNetRootExtension(SrvOpen->pVNetRoot->pNetRoot); - __notnull PNFS41_FOBX nfs41_fobx = NFS41GetFobxExtension(RxContext->pFobx); #ifdef ENABLE_TIMINGS LARGE_INTEGER t1, t2; @@ -206,7 +205,7 @@ NTSTATUS nfs41_QueryVolumeInformation( status = STATUS_NOT_SUPPORTED; goto out; } - status = nfs41_UpcallCreate(NFS41_SYSOP_VOLUME_QUERY, &nfs41_fobx->sec_ctx, + status = nfs41_UpcallCreate(NFS41_SYSOP_VOLUME_QUERY, &nfs41_srvopen->sec_ctx, pVNetRootContext->session, nfs41_srvopen->nfs41_open_state, pNetRootContext->nfs41d_version, SrvOpen->pAlreadyPrefixedName, &entry); if (status) goto out; -- 2.51.0 From 4242f5fb938476f4e7cc60d8bb46a7d59abb1212 Mon Sep 17 00:00:00 2001 From: Roland Mainz <roland.mainz@nrubsig.org> Date: Sat, 6 Dec 2025 20:28:33 +0100 Subject: [PATCH 2/3] sys: |nfs41_ComputeNewBufferingState()| should remove |FCB_STATE_DISABLE_LOCAL_BUFFERING| if any caching is enabled |nfs41_ComputeNewBufferingState()| should remove |FCB_STATE_DISABLE_LOCAL_BUFFERING| if any caching is enabled. Signed-off-by: Cedric Blancher <cedric.blancher@gmail.com> --- sys/nfs41sys_driver.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/sys/nfs41sys_driver.c b/sys/nfs41sys_driver.c index 796b77f..a4deed7 100644 --- a/sys/nfs41sys_driver.c +++ b/sys/nfs41sys_driver.c @@ -966,16 +966,21 @@ NTSTATUS nfs41_ComputeNewBufferingState( case ENABLE_READ_CACHING: pSrvOpen->BufferingFlags |= (FCB_STATE_READBUFFERING_ENABLED | FCB_STATE_READCACHING_ENABLED); + pSrvOpen->BufferingFlags &= ~FCB_STATE_DISABLE_LOCAL_BUFFERING; break; case ENABLE_WRITE_CACHING: pSrvOpen->BufferingFlags |= (FCB_STATE_WRITECACHING_ENABLED | FCB_STATE_WRITEBUFFERING_ENABLED); + pSrvOpen->BufferingFlags &= ~FCB_STATE_DISABLE_LOCAL_BUFFERING; break; case ENABLE_READWRITE_CACHING: - pSrvOpen->BufferingFlags = + pSrvOpen->BufferingFlags |= (FCB_STATE_READBUFFERING_ENABLED | FCB_STATE_READCACHING_ENABLED | FCB_STATE_WRITECACHING_ENABLED | FCB_STATE_WRITEBUFFERING_ENABLED); + pSrvOpen->BufferingFlags &= ~FCB_STATE_DISABLE_LOCAL_BUFFERING; + break; } + #ifdef DEBUG_TIME_BASED_COHERENCY DbgP("nfs41_ComputeNewBufferingState: '%wZ' pSrvOpen 0x%p Old %08x New %08x\n", pSrvOpen->pAlreadyPrefixedName, pSrvOpen, oldFlags, -- 2.51.0 From 11e132fedb8d85238ca0923944f844ae40c4de79 Mon Sep 17 00:00:00 2001 From: Roland Mainz <roland.mainz@nrubsig.org> Date: Sat, 6 Dec 2025 20:54:52 +0100 Subject: [PATCH 3/3] sys: Use |SeLockSubjectContext()|+|SeUnlockSubjectContext()| when accessing context data Use |SeLockSubjectContext()|+|SeUnlockSubjectContext()| when accessing context data. Signed-off-by: Cedric Blancher <cedric.blancher@gmail.com> --- sys/nfs41sys_mount.c | 3 +++ sys/nfs41sys_openclose.c | 4 ++++ sys/nfs41sys_updowncall.c | 3 +++ 3 files changed, 10 insertions(+) diff --git a/sys/nfs41sys_mount.c b/sys/nfs41sys_mount.c index 1f330c9..b1a46b5 100644 --- a/sys/nfs41sys_mount.c +++ b/sys/nfs41sys_mount.c @@ -750,6 +750,8 @@ NTSTATUS nfs41_GetLUID( SECURITY_CLIENT_CONTEXT clnt_sec_ctx; SeCaptureSubjectContext(&sec_ctx); + SeLockSubjectContext(&sec_ctx); + sec_qos.ContextTrackingMode = SECURITY_STATIC_TRACKING; sec_qos.ImpersonationLevel = SecurityIdentification; sec_qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE); @@ -778,6 +780,7 @@ NTSTATUS nfs41_GetLUID( release_clnt_sec_ctx: SeDeleteClientSecurity(&clnt_sec_ctx); release_sec_ctx: + SeUnlockSubjectContext(&sec_ctx); SeReleaseSubjectContext(&sec_ctx); return status; diff --git a/sys/nfs41sys_openclose.c b/sys/nfs41sys_openclose.c index 6934223..885ec5e 100644 --- a/sys/nfs41sys_openclose.c +++ b/sys/nfs41sys_openclose.c @@ -79,6 +79,8 @@ NTSTATUS nfs41_get_sec_ctx( SECURITY_QUALITY_OF_SERVICE sec_qos; SeCaptureSubjectContext(&ctx); + SeLockSubjectContext(&ctx); + sec_qos.ContextTrackingMode = SECURITY_STATIC_TRACKING; sec_qos.ImpersonationLevel = level; sec_qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE); @@ -99,6 +101,8 @@ NTSTATUS nfs41_get_sec_ctx( #ifdef DEBUG_SECURITY_TOKEN DbgP("Created client security token 0x%p\n", out_ctx->ClientToken); #endif + + SeUnlockSubjectContext(&ctx); SeReleaseSubjectContext(&ctx); return status; diff --git a/sys/nfs41sys_updowncall.c b/sys/nfs41sys_updowncall.c index 6e32ef7..bc9093e 100644 --- a/sys/nfs41sys_updowncall.c +++ b/sys/nfs41sys_updowncall.c @@ -385,6 +385,8 @@ NTSTATUS nfs41_UpcallCreate( if (clnt_sec_ctx == NULL) { SeCaptureSubjectContext(&sec_ctx); + SeLockSubjectContext(&sec_ctx); + sec_qos.ContextTrackingMode = SECURITY_STATIC_TRACKING; sec_qos.ImpersonationLevel = SecurityImpersonation; sec_qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE); @@ -408,6 +410,7 @@ NTSTATUS nfs41_UpcallCreate( entry = NULL; } + SeUnlockSubjectContext(&sec_ctx); SeReleaseSubjectContext(&sec_ctx); } else { entry->psec_ctx = clnt_sec_ctx; -- 2.51.0

Title:

Privacy: Public Private

How long should your post be retained?

15 mins an hour a day a week a month forever

All content is user-submitted.
The administrators of this site (kpaste.net) are not responsible for their content.
Abuse reports should be emailed to us at