author | Toomas Soome <tsoome@me.com> | 2022-09-13 13:14:53 +0300 |
committer | Toomas Soome <tsoome@me.com> | 2022-09-16 23:01:43 +0300 |
commit | 35a075c30369bda7caecc8d23aaabe61768b4440 (patch) | |
tree | 8c10b7ff2bb53496f17a34a13854e1851b59289e /usr/src/cmd | |
parent | a713ecffc834d396a2f97329cc26b4d8b7ffe915 (diff) | |
14970 Restrict NFS mountd MOUNTPROC_DUMP to local transports
Reviewed by: Marcel Telka <marcel@telka.sk>
Reviewed by: Gordon Ross <gordon.w.ross@gmail.com>
Approved by: Dan McDonald <danmcd@mnx.io>
Diffstat (limited to 'usr/src/cmd')
-rw-r--r-- | usr/src/cmd/fs.d/nfs/mountd/Makefile | 4 | ||||
-rw-r--r-- | usr/src/cmd/fs.d/nfs/mountd/mountd.c | 86 | ||||
-rw-r--r-- | usr/src/cmd/fs.d/nfs/svc/server.xml | 2 |
3 files changed, 87 insertions, 5 deletions
diff --git a/usr/src/cmd/fs.d/nfs/mountd/Makefile b/usr/src/cmd/fs.d/nfs/mountd/Makefile
index 505ab301e3..43b1ec62ac 100644
--- a/usr/src/cmd/fs.d/nfs/mountd/Makefile
+++ b/usr/src/cmd/fs.d/nfs/mountd/Makefile
@@ -24,6 +24,7 @@
 # Copyright (c) 1990, 2010, Oracle and/or its affiliates. All rights reserved.
 #
 # Copyright (c) 2018, Joyent, Inc.
+# Copyright 2022 RackTop Systems.
 
 FSTYPE = nfs
 TYPEPROG = mountd
@@ -39,7 +40,8 @@ SRCS = $(LOCAL:%.o=%.c) $(FSLIBSRC) ../lib/nfs_sec.c \
 		../lib/sharetab.c ../lib/daemon.c ../lib/smfcfg.c
 DSRC = mountd_dt.d
 DOBJ = $(DSRC:%.d=%.o)
-LDLIBS += -lrpcsvc -lnsl -lbsm -lsocket -ltsnet -ltsol -lnvpair -lscf -lumem
+LDLIBS += -lrpcsvc -lnsl -lbsm -lsocket -linetutil -ltsnet -ltsol
+LDLIBS += -lnvpair -lscf -lumem
 CPPFLAGS += -D_REENTRANT -I../lib
 CERRWARN += $(CNOWARN_UNINIT)
 
diff --git a/usr/src/cmd/fs.d/nfs/mountd/mountd.c b/usr/src/cmd/fs.d/nfs/mountd/mountd.c
index 1816deabc6..9df7f2f9a9 100644
--- a/usr/src/cmd/fs.d/nfs/mountd/mountd.c
+++ b/usr/src/cmd/fs.d/nfs/mountd/mountd.c
@@ -23,6 +23,7 @@
  * Copyright (c) 1989, 2010, Oracle and/or its affiliates. All rights reserved.
  * Copyright (c) 2012, 2016 by Delphix. All rights reserved.
  * Copyright 2016 Nexenta Systems, Inc. All rights reserved.
+ * Copyright 2022 RackTop Systems.
  */
 
 /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */
@@ -88,6 +89,8 @@
 #include <pwd.h>
 #include <grp.h>
 #include <alloca.h>
+#include <libinetutil.h>
+#include <libsocket_priv.h>
 
 extern int daemonize_init(void);
 extern void daemonize_fini(int);
@@ -124,6 +127,7 @@ static int rejecting;
 static int mount_vers_min = MOUNTVERS;
 static int mount_vers_max = MOUNTVERS3;
 static int mountd_port = 0;
+static boolean_t mountd_remote_dump = B_FALSE;
 
 extern void nfscmd_func(void *, char *, size_t, door_desc_t *, uint_t);
 
@@ -150,6 +154,9 @@ static logging_data *logging_tail = NULL;
 static long ngroups_max;	/* _SC_NGROUPS_MAX */
 static long pw_size;		/* _SC_GETPW_R_SIZE_MAX */
 
+/* Cached address info for this host. */
+static struct addrinfo *host_ai = NULL;
+
 static void *
 nfsauth_svc(void *arg __unused)
 {
@@ -435,7 +442,7 @@ main(int argc, char *argv[])
 	bool_t exclbind = TRUE;
 	bool_t can_do_mlp;
 	long thr_flags = (THR_NEW_LWP|THR_DAEMON);
-	char defval[4];
+	char defval[5];
 	int defvers, ret, bufsz;
 	struct rlimit rl;
 	int listen_backlog = 0;
@@ -445,6 +452,7 @@ main(int argc, char *argv[])
 	NCONF_HANDLE *nc;
 	const char *errstr;
 	int pipe_fd = -1;
+	char hostbuf[256];
 
 	/*
 	 * Mountd requires uid 0 for:
@@ -533,7 +541,7 @@ main(int argc, char *argv[])
 	/*
 	 * Read in the NFS version values from config file.
 	 */
-	bufsz = 4;
+	bufsz = sizeof (defval);
 	ret = nfs_smf_get_prop("server_versmin", defval, DEFAULT_INSTANCE,
 	    SCF_TYPE_INTEGER, NFSD, &bufsz);
 	if (ret == SA_OK) {
@@ -550,7 +558,7 @@ main(int argc, char *argv[])
 		}
 	}
 
-	bufsz = 4;
+	bufsz = sizeof (defval);
 	ret = nfs_smf_get_prop("server_versmax", defval, DEFAULT_INSTANCE,
 	    SCF_TYPE_INTEGER, NFSD, &bufsz);
 	if (ret == SA_OK) {
@@ -568,6 +576,24 @@ main(int argc, char *argv[])
 		    "failed, using default value");
 	}
 
+	bufsz = sizeof (defval);
+	ret = nfs_smf_get_prop("mountd_remote_dump", defval, DEFAULT_INSTANCE,
+	    SCF_TYPE_BOOLEAN, NFSD, &bufsz);
+	if (ret == SA_OK) {
+		mountd_remote_dump = string_to_boolean(defval);
+	}
+	if (!mountd_remote_dump) {
+		/* Cache host address list */
+		if (gethostname(hostbuf, sizeof (hostbuf)) < 0) {
+			syslog(LOG_ERR, "gethostname() failed");
+			exit(1);
+		}
+		if (getaddrinfo(hostbuf, NULL, NULL, &host_ai) != 0) {
+			syslog(LOG_ERR, "getaddrinfo() failed");
+			exit(1);
+		}
+	}
+
 	/*
 	 * Sanity check versions,
 	 * even though we may get versions > MOUNTVERS3, we still need
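Review bot: `char defval[5]` in main() now has to hold the `mountd_remote_dump` boolean as well as the two integer version values, but a spelled-out `false` needs six bytes with its terminator; whether the `SCF_TYPE_BOOLEAN` path of `nfs_smf_get_prop()` writes `true`/`false` or a numeric form is outside this diff, so it is worth confirming before relying on the size. If it does spell the word out, the buffer receives a truncated `fals` and whatever `string_to_boolean()` makes of that becomes the effective setting. Sizing the buffer for the longest textual form, e.g. `char defval[8];`, removes the dependence for the cost of three bytes. main() starts before and ends after this hunk.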
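Review bot: The list that later qualifies a non-loopback caller as local is whatever `getaddrinfo(hostbuf, NULL, NULL, &host_ai)` returns for the host's own name at startup, so the MOUNTPROC_DUMP restriction is only as trustworthy as name resolution for that name: a resolver answer containing an address that is not this host's would make that peer count as local, while an address the answer omits (a multihomed host, or a hostname that maps only to loopback in /etc/hosts) makes a genuinely local client count as remote. Enumerating the configured interface addresses, e.g. via `getifaddrs(3SOCKET)`, would tie the check to the host rather than to the resolver, and the list would be easy to refresh since it is built once and never updated. Exiting on `getaddrinfo()` failure also means a resolver outage at boot keeps mountd from starting at all; if that is intended, the comment `/* Cache host address list */` should say that the list is resolved once, is not refreshed, and that resolution failure is fatal. main() starts before and ends after this hunk.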
@@ -781,6 +807,55 @@ main(int argc, char *argv[])
 }
 
 /*
+ * copied from usr/src/uts/common/klm/nlm_impl.c
+ */
+static bool_t
+caller_is_local(SVCXPRT *transp)
+{
+	struct addrinfo *a;
+	char *netid;
+	struct netbuf *rtaddr;
+	struct sockaddr_storage addr;
+	bool_t rv = FALSE;
+
+	netid = transp->xp_netid;
+	rtaddr = svc_getrpccaller(transp);
+
+	if (netid == NULL)
+		return (FALSE);
+
+	if (strcmp(netid, "ticlts") == 0 ||
+	    strcmp(netid, "ticotsord") == 0)
+		return (TRUE);
+
+	if (strcmp(netid, "tcp") == 0 || strcmp(netid, "udp") == 0) {
+		struct sockaddr_in *sin = (void *)rtaddr->buf;
+
+		if (sin->sin_addr.s_addr == htonl(INADDR_LOOPBACK))
+			return (TRUE);
+
+		memmove(&addr, sin, sizeof (*sin));
+	}
+	if (strcmp(netid, "tcp6") == 0 || strcmp(netid, "udp6") == 0) {
+		struct sockaddr_in6 *sin6 = (void *)rtaddr->buf;
+
+		if (IN6_IS_ADDR_LOOPBACK(&sin6->sin6_addr))
+			return (TRUE);
+
+		memmove(&addr, sin6, sizeof (*sin6));
+	}
+
+	for (a = host_ai; a != NULL; a = a->ai_next) {
+		if (sockaddrcmp(&addr,
+		    (struct sockaddr_storage *)a->ai_addr)) {
+			rv = TRUE;
+			break;
+		}
+	}
+	return (rv);
+}
+
+/*
  * Server procedure switch routine
  */
 void
@@ -798,7 +873,10 @@ mnt(struct svc_req *rqstp, SVCXPRT *transp)
 		return;
 
 	case MOUNTPROC_DUMP:
-		mntlist_send(transp);
+		if (mountd_remote_dump || caller_is_local(transp))
+			mntlist_send(transp);
+		else
+			svcerr_noproc(transp);
 		return;
 
 	case MOUNTPROC_UMNT:
diff --git a/usr/src/cmd/fs.d/nfs/svc/server.xml b/usr/src/cmd/fs.d/nfs/svc/server.xml
index 9393d9da55..1e78742670 100644
--- a/usr/src/cmd/fs.d/nfs/svc/server.xml
+++ b/usr/src/cmd/fs.d/nfs/svc/server.xml
@@ -26,6 +26,7 @@
  Copyright 2014 Nexenta Systems, Inc. All rights reserved
  Copyright 2016 Hans Rosenfeld <rosenfeld@grumpf.hope-2000.org>
  Copyright (c) 2012, 2014 by Delphix. All rights reserved.
+ Copyright 2022 RackTop Systems.
 
  NOTE: This service manifest is not editable; its contents will
  be overwritten by package or patch operations, including
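Review bot: `addr` in `caller_is_local()` is never written when `netid` is not one of the six transport names the function handles, yet the final loop still hands it to `sockaddrcmp()` against every cached host address, so the verdict for an unrecognised transport rests on uninitialised stack contents. The two sockaddr casts also read `rtaddr->buf` without checking `rtaddr->len` against the structure they assume, and the comment says only where the code came from rather than what "local" means here (a loopback transport, a loopback address, or an address present in `host_ai`). Returning FALSE for any netid that is not matched, guarding each cast with a length check, and chaining the two address branches as alternatives closes the first two points, as in the excerpt below. The switch in mnt() that calls this function is otherwise fine; treating the remote caller as PROC_UNAVAIL gives it nothing to distinguish from an unimplemented procedure.
```c
static bool_t
caller_is_local(SVCXPRT *transp)
{
	struct addrinfo *a;
	char *netid;
	struct netbuf *rtaddr;
	struct sockaddr_storage addr = { 0 };
	bool_t rv = FALSE;

	/* … unchanged: fetch netid/rtaddr, NULL netid check, ticlts/ticotsord … */

	if (strcmp(netid, "tcp") == 0 || strcmp(netid, "udp") == 0) {
		struct sockaddr_in *sin = (void *)rtaddr->buf;

		if (rtaddr->len < sizeof (*sin))
			return (FALSE);
		if (sin->sin_addr.s_addr == htonl(INADDR_LOOPBACK))
			return (TRUE);

		memmove(&addr, sin, sizeof (*sin));
	} else if (strcmp(netid, "tcp6") == 0 || strcmp(netid, "udp6") == 0) {
		struct sockaddr_in6 *sin6 = (void *)rtaddr->buf;

		if (rtaddr->len < sizeof (*sin6))
			return (FALSE);
		if (IN6_IS_ADDR_LOOPBACK(&sin6->sin6_addr))
			return (TRUE);

		memmove(&addr, sin6, sizeof (*sin6));
	} else {
		/* Unknown transport: never treat the caller as local. */
		return (FALSE);
	}

	/* … unchanged: compare addr against the cached host_ai list … */
```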
@@ -180,6 +181,7 @@
 			<propval name='mountd_listen_backlog' type='integer' value='64'/>
 			<propval name='mountd_max_threads' type='integer' value='16'/>
 			<propval name='mountd_port' type='integer' value='0'/>
+			<propval name='mountd_remote_dump' type='boolean' value='false'/>
 		</property_group>
 	</instance>
 