sunrpc: GSS integrity and decryption failures should return GARBAGE_ARGS (dd35210e) · Commits · e / devices / android_kernel_xiaomi_markw

net/sunrpc/auth_gss/svcauth_gss.c

+7 −2

Original line number	Diff line number	Diff line
		@@ -1146,7 +1146,7 @@ svcauth_gss_accept(struct svc_rqst rqstp, __be32 authp)
		case RPC_GSS_SVC_INTEGRITY:
		if (unwrap_integ_data(&rqstp->rq_arg,
		gc->gc_seq, rsci->mechctx))
		goto auth_err;
		goto garbage_args;
		/* placeholders for length and seq. number: */
		svc_putnl(resv, 0);
		svc_putnl(resv, 0);
		@@ -1154,7 +1154,7 @@ svcauth_gss_accept(struct svc_rqst rqstp, __be32 authp)
		case RPC_GSS_SVC_PRIVACY:
		if (unwrap_priv_data(rqstp, &rqstp->rq_arg,
		gc->gc_seq, rsci->mechctx))
		goto auth_err;
		goto garbage_args;
		/* placeholders for length and seq. number: */
		svc_putnl(resv, 0);
		svc_putnl(resv, 0);
		@@ -1169,6 +1169,11 @@ svcauth_gss_accept(struct svc_rqst rqstp, __be32 authp)
		ret = SVC_OK;
		goto out;
		}
		garbage_args:
		/* Restore write pointer to its original value: */
		xdr_ressize_check(rqstp, reject_stat);
		ret = SVC_GARBAGE;
		goto out;
		auth_err:
		/* Restore write pointer to its original value: */
		xdr_ressize_check(rqstp, reject_stat);

+1 −2

Original line number	Diff line number	Diff line
		@@ -921,8 +921,7 @@ svc_process(struct svc_rqst *rqstp)
		case SVC_OK:
		break;
		case SVC_GARBAGE:
		rpc_stat = rpc_garbage_args;
		goto err_bad;
		goto err_garbage;
		case SVC_SYSERR:
		rpc_stat = rpc_system_err;
		goto err_bad;