nfsd4: exchange_id: check creds before killing confirmed client

We mustn't allow a client to destroy another client with established state unless it has the right credential. And some minor cleanup. (Note: our comparison of credentials is actually pretty bogus currently; that will need to be fixed in another patch.) Signed-off-by: J. Bruce Fields <bfields@redhat.com>
git-mirror · Jun 1, 2012 · ea236d0 · ea236d0
1 parent 2786cc3
commit ea236d0
Showing 1 changed file with 8 additions and 9 deletions.
diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
@@ -1556,6 +1556,14 @@ nfsd4_exchange_id(struct svc_rqst *rqstp,
 			status = nfserr_clid_inuse; /* XXX: ? */
 			goto out;
 		}
+		if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) {
+			/* 18.35.4 case 9 */
+			if (exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A)
+				status = nfserr_perm;
+			else /* case 3 */
+				status = nfserr_clid_inuse;
+			goto out;
+		}
 		if (!same_verf(&verf, &conf->cl_verifier)) {
 			/* 18.35.4 case 8 */
 			if (exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A) {
@@ -1566,15 +1574,6 @@ nfsd4_exchange_id(struct svc_rqst *rqstp,
 			expire_client(conf);
 			goto out_new;
 		}
-		if (!same_creds(&conf->cl_cred, &rqstp->rq_cred)) {
-			/* 18.35.4 case 9 */
-			if (exid->flags & EXCHGID4_FLAG_UPD_CONFIRMED_REC_A) {
-				status = nfserr_perm;
-				goto out;
-			}
-			expire_client(conf);
-			goto out_new;
-		}
 		/*
 		 * Set bit when the owner id and verifier map to an already
 		 * confirmed client id (18.35.3).