Loading net/sunrpc/auth_gss/svcauth_gss.c +5 −3 Original line number Original line Diff line number Diff line Loading @@ -1287,7 +1287,7 @@ static bool use_gss_proxy(struct net *net) #ifdef CONFIG_PROC_FS #ifdef CONFIG_PROC_FS static bool set_gss_proxy(struct net *net, int type) static int set_gss_proxy(struct net *net, int type) { { struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); int ret = 0; int ret = 0; Loading Loading @@ -1317,10 +1317,12 @@ static inline bool gssp_ready(struct sunrpc_net *sn) return false; return false; } } static int wait_for_gss_proxy(struct net *net) static int wait_for_gss_proxy(struct net *net, struct file *file) { { struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); if (file->f_flags & O_NONBLOCK && !gssp_ready(sn)) return -EAGAIN; return wait_event_interruptible(sn->gssp_wq, gssp_ready(sn)); return wait_event_interruptible(sn->gssp_wq, gssp_ready(sn)); } } Loading Loading @@ -1362,7 +1364,7 @@ static ssize_t read_gssp(struct file *file, char __user *buf, size_t len; size_t len; int ret; int ret; ret = wait_for_gss_proxy(net); ret = wait_for_gss_proxy(net, file); if (ret) if (ret) return ret; return ret; Loading net/sunrpc/svcauth_unix.c +7 −5 Original line number Original line Diff line number Diff line Loading @@ -810,11 +810,15 @@ svcauth_unix_accept(struct svc_rqst *rqstp, __be32 *authp) goto badcred; goto badcred; argv->iov_base = (void*)((__be32*)argv->iov_base + slen); /* skip machname */ argv->iov_base = (void*)((__be32*)argv->iov_base + slen); /* skip machname */ argv->iov_len -= slen*4; argv->iov_len -= slen*4; /* * Note: we skip uid_valid()/gid_valid() checks here for * backwards compatibility with clients that use -1 id's. * Instead, -1 uid or gid is later mapped to the * (export-specific) anonymous id by nfsd_setuser. * Supplementary gid's will be left alone. */ cred->cr_uid = make_kuid(&init_user_ns, svc_getnl(argv)); /* uid */ cred->cr_uid = make_kuid(&init_user_ns, svc_getnl(argv)); /* uid */ cred->cr_gid = make_kgid(&init_user_ns, svc_getnl(argv)); /* gid */ cred->cr_gid = make_kgid(&init_user_ns, svc_getnl(argv)); /* gid */ if (!uid_valid(cred->cr_uid) || !gid_valid(cred->cr_gid)) goto badcred; slen = svc_getnl(argv); /* gids length */ slen = svc_getnl(argv); /* gids length */ if (slen > 16 || (len -= (slen + 2)*4) < 0) if (slen > 16 || (len -= (slen + 2)*4) < 0) goto badcred; goto badcred; Loading @@ -823,8 +827,6 @@ svcauth_unix_accept(struct svc_rqst *rqstp, __be32 *authp) return SVC_CLOSE; return SVC_CLOSE; for (i = 0; i < slen; i++) { for (i = 0; i < slen; i++) { kgid_t kgid = make_kgid(&init_user_ns, svc_getnl(argv)); kgid_t kgid = make_kgid(&init_user_ns, svc_getnl(argv)); if (!gid_valid(kgid)) goto badcred; GROUP_AT(cred->cr_group_info, i) = kgid; GROUP_AT(cred->cr_group_info, i) = kgid; } } if (svc_getu32(argv) != htonl(RPC_AUTH_NULL) || svc_getu32(argv) != 0) { if (svc_getu32(argv) != htonl(RPC_AUTH_NULL) || svc_getu32(argv) != 0) { Loading Loading
net/sunrpc/auth_gss/svcauth_gss.c +5 −3 Original line number Original line Diff line number Diff line Loading @@ -1287,7 +1287,7 @@ static bool use_gss_proxy(struct net *net) #ifdef CONFIG_PROC_FS #ifdef CONFIG_PROC_FS static bool set_gss_proxy(struct net *net, int type) static int set_gss_proxy(struct net *net, int type) { { struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); int ret = 0; int ret = 0; Loading Loading @@ -1317,10 +1317,12 @@ static inline bool gssp_ready(struct sunrpc_net *sn) return false; return false; } } static int wait_for_gss_proxy(struct net *net) static int wait_for_gss_proxy(struct net *net, struct file *file) { { struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); if (file->f_flags & O_NONBLOCK && !gssp_ready(sn)) return -EAGAIN; return wait_event_interruptible(sn->gssp_wq, gssp_ready(sn)); return wait_event_interruptible(sn->gssp_wq, gssp_ready(sn)); } } Loading Loading @@ -1362,7 +1364,7 @@ static ssize_t read_gssp(struct file *file, char __user *buf, size_t len; size_t len; int ret; int ret; ret = wait_for_gss_proxy(net); ret = wait_for_gss_proxy(net, file); if (ret) if (ret) return ret; return ret; Loading
net/sunrpc/svcauth_unix.c +7 −5 Original line number Original line Diff line number Diff line Loading @@ -810,11 +810,15 @@ svcauth_unix_accept(struct svc_rqst *rqstp, __be32 *authp) goto badcred; goto badcred; argv->iov_base = (void*)((__be32*)argv->iov_base + slen); /* skip machname */ argv->iov_base = (void*)((__be32*)argv->iov_base + slen); /* skip machname */ argv->iov_len -= slen*4; argv->iov_len -= slen*4; /* * Note: we skip uid_valid()/gid_valid() checks here for * backwards compatibility with clients that use -1 id's. * Instead, -1 uid or gid is later mapped to the * (export-specific) anonymous id by nfsd_setuser. * Supplementary gid's will be left alone. */ cred->cr_uid = make_kuid(&init_user_ns, svc_getnl(argv)); /* uid */ cred->cr_uid = make_kuid(&init_user_ns, svc_getnl(argv)); /* uid */ cred->cr_gid = make_kgid(&init_user_ns, svc_getnl(argv)); /* gid */ cred->cr_gid = make_kgid(&init_user_ns, svc_getnl(argv)); /* gid */ if (!uid_valid(cred->cr_uid) || !gid_valid(cred->cr_gid)) goto badcred; slen = svc_getnl(argv); /* gids length */ slen = svc_getnl(argv); /* gids length */ if (slen > 16 || (len -= (slen + 2)*4) < 0) if (slen > 16 || (len -= (slen + 2)*4) < 0) goto badcred; goto badcred; Loading @@ -823,8 +827,6 @@ svcauth_unix_accept(struct svc_rqst *rqstp, __be32 *authp) return SVC_CLOSE; return SVC_CLOSE; for (i = 0; i < slen; i++) { for (i = 0; i < slen; i++) { kgid_t kgid = make_kgid(&init_user_ns, svc_getnl(argv)); kgid_t kgid = make_kgid(&init_user_ns, svc_getnl(argv)); if (!gid_valid(kgid)) goto badcred; GROUP_AT(cred->cr_group_info, i) = kgid; GROUP_AT(cred->cr_group_info, i) = kgid; } } if (svc_getu32(argv) != htonl(RPC_AUTH_NULL) || svc_getu32(argv) != 0) { if (svc_getu32(argv) != htonl(RPC_AUTH_NULL) || svc_getu32(argv) != 0) { Loading
