[packages/kernel] - svcrpc: fix failures to handle -1 uid's
baggins
baggins at pld-linux.org
Tue Jul 9 18:06:41 CEST 2013
commit 18ae07847003973e715aba6989dff2e6fb2b6486
Author: Jan Rękorajski <baggins at pld-linux.org>
Date: Tue Jul 9 18:06:33 2013 +0200
- svcrpc: fix failures to handle -1 uid's
kernel-small_fixes.patch | 35 +++++++++++++++++++++++++++++++++++
1 file changed, 35 insertions(+)
---
diff --git a/kernel-small_fixes.patch b/kernel-small_fixes.patch
index 392d121..48bb4ab 100644
--- a/kernel-small_fixes.patch
+++ b/kernel-small_fixes.patch
@@ -46,3 +46,38 @@ index 7a0c800..ec5ebbb 100644
SET_ETHTOOL_OPS(dev, &rtl8169_ethtool_ops);
dev->watchdog_timeo = RTL8169_TX_TIMEOUT;
+commit 8efb88340e29293e05f6b498b60596884c05a8a8
+Author: J. Bruce Fields <bfields at redhat.com>
+Date: Mon Jul 8 13:44:45 2013 -0400
+
+ svcrpc: fix failures to handle -1 uid's
+
+ As of f025adf191924e3a75ce80e130afcd2485b53bb8 "sunrpc: Properly decode
+ kuids and kgids in RPC_AUTH_UNIX credentials" any rpc containing a -1
+ (0xffff) uid or gid would fail with a badcred error.
+
+ Commit afe3c3fd5392b2f0066930abc5dbd3f4b14a0f13 "svcrpc: fix failures to
+ handle -1 uid's and gid's" fixed part of the problem, but overlooked the
+ gid upcall--the kernel can request supplementary gid's for the -1 uid,
+ but mountd's attempt write a response will get -EINVAL.
+
+ Symptoms were nfsd failing to reply to the first attempt to use a newly
+ negotiated krb5 context.
+
+ Reported-by: Sven Geggus <lists at fuchsschwanzdomain.de>
+ Tested-by: Sven Geggus <lists at fuchsschwanzdomain.de>
+ Signed-off-by: J. Bruce Fields <bfields at redhat.com>
+
+diff --git a/net/sunrpc/svcauth_unix.c b/net/sunrpc/svcauth_unix.c
+index a98853d..621ca7b 100644
+--- a/net/sunrpc/svcauth_unix.c
++++ b/net/sunrpc/svcauth_unix.c
+@@ -493,8 +493,6 @@ static int unix_gid_parse(struct cache_detail *cd,
+ if (rv)
+ return -EINVAL;
+ uid = make_kuid(&init_user_ns, id);
+- if (!uid_valid(uid))
+- return -EINVAL;
+ ug.uid = uid;
+
+ expiry = get_expiry(&mesg);
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/kernel.git/commitdiff/18ae07847003973e715aba6989dff2e6fb2b6486
More information about the pld-cvs-commit
mailing list