Whamcloud - gitweb
LU-9795 gss: fix gss-based integrity check for multi-rail 15/33415/4
authorSebastien Buisson <sbuisson@ddn.com>
Mon, 22 Oct 2018 15:08:15 +0000 (00:08 +0900)
committerOleg Drokin <green@whamcloud.com>
Tue, 13 Nov 2018 06:15:58 +0000 (06:15 +0000)
In case of multi-rail, rq_peer is not the NID from which request is
received, but primary NID of peer.
So gss_svc_upcall_handle_init() needs to pass rq_source, which
contains the NID actually in use, to lsvcgssd user-space daemon
in order to compute HMAC with correct key in handle_sk().

Test-Parameters: testlist=sanity-sec envdefinitions=ONLY=31,SHARED_KEY=true
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: I70ee05355c3463a267a6faef724a5b7159ada014
Reviewed-on: https://review.whamcloud.com/33415
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Amir Shehata <ashehata@whamcloud.com>
Reviewed-by: James Simmons <uja.ornl@yahoo.com>
Tested-by: Jenkins
Tested-by: Maloo <hpdd-maloo@intel.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>

index 93d0f6a..4b2d927 100644 (file)
@@ -946,7 +946,11 @@ int gss_svc_upcall_handle_init(struct ptlrpc_request *req,
        memset(&rsikey, 0, sizeof(rsikey));
        rsikey.lustre_svc = lustre_svc;
-       rsikey.nid = (__u64) req->rq_peer.nid;
+       /* In case of MR, rq_peer is not the NID from which request is received,
+        * but primary NID of peer.
+        * So we need rq_source, which contains the NID actually in use.
+        */
+       rsikey.nid = (__u64) req->rq_source.nid;
        nodemap_test_nid(req->rq_peer.nid, rsikey.nm_name,