Frank Filz has uploaded this change for review.
Rework fsal_filesystem handling for better config reload and handle validation
There were some problems in claiming and unclaiming filesystems during
config reload that have been fixed.
Also, it is now possible for a FSAL to check that the fsal_filesystem
a handle belongs to is actually exported by the export from the handle.
This reduces the security exposure to handle spoofing. Note that the
entirety of a filesystem that is exported by multiple exports is
accessible via any of the exports, so for the best export security
each filesystem should only be exported by a single export and should
be exported in it's entirety.
Change-Id: If571e29054d639ad0dd236b4e4fa5b91f54ce426
Signed-off-by: Frank S. Filz <ffilzlnx@mindspring.com>
---
M src/FSAL/FSAL_GPFS/export.c
M src/FSAL/FSAL_VFS/export.c
M src/FSAL/FSAL_VFS/file.c
M src/FSAL/FSAL_VFS/handle.c
M src/FSAL/FSAL_VFS/handle_syscalls.c
M src/FSAL/FSAL_VFS/os/freebsd/handle_syscalls.c
M src/FSAL/FSAL_VFS/os/linux/handle_syscalls.c
M src/FSAL/FSAL_VFS/vfs/llapi_check_hsm.c
M src/FSAL/FSAL_VFS/vfs_methods.h
M src/FSAL/FSAL_VFS/xfs/handle_syscalls.c
M src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_export.c
M src/FSAL/commonlib.c
M src/FSAL/default_methods.c
M src/MainNFSD/libganesha_nfsd.ver
M src/Protocols/NFS/nfs4_pseudo.c
M src/include/FSAL/fsal_commonlib.h
M src/include/fsal_api.h
17 files changed, 932 insertions(+), 317 deletions(-)
git pull ssh://review.gerrithub.io:29418/ffilz/nfs-ganesha refs/changes/25/514025/1
To view, visit change 514025. To unsubscribe, or for help writing mail filters, visit settings.