From patchwork Tue Dec 5 18:55:23 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Thiago Becker X-Patchwork-Id: 10093627 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id BA8DB60329 for ; Tue, 5 Dec 2017 18:56:07 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id AE3BC2883D for ; Tue, 5 Dec 2017 18:56:07 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id A2EC328BD9; Tue, 5 Dec 2017 18:56:07 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4CC8F2883D for ; Tue, 5 Dec 2017 18:56:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752624AbdLESzw (ORCPT ); Tue, 5 Dec 2017 13:55:52 -0500 Received: from mail-qt0-f196.google.com ([209.85.216.196]:37999 "EHLO mail-qt0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752410AbdLESzv (ORCPT ); Tue, 5 Dec 2017 13:55:51 -0500 Received: by mail-qt0-f196.google.com with SMTP id d4so3228921qtj.5; Tue, 05 Dec 2017 10:55:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=y1N3kOTGyg4LX4uoPyI7fHPGh1He2sM47sI37ilrq+E=; b=dezVvbJQJbArJa+7d0ovooM1HLaa3fFAMQwjn7tnvGTRa72IgqCfxAfbeJWwSuz8Od BPwi4H4vAWZtZHj4DaG2cmY8fjXvBDTBID1G1itRx8o+t4BwXQCvbFYr9tqyWilFkklk ss8RVVMDrzdzXnuSj0W2VvSjQIiQXwMq98d1KeK4XDWb06LJnpjzpgfKcTzAEMSeaWMX M5Bx01fnFIlk9r9vfM3lY0JvTD74YYqvv/5WwSUkhBiEhNejQlwVGjcNmnz72D+jNT4s /R3V3ZTrGq5VVrW1dbQXwaBUCRVrB9AIlcjUMPfOJIQz6kj5QOpCm4k3rV24eyLJIXyM urkQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=y1N3kOTGyg4LX4uoPyI7fHPGh1He2sM47sI37ilrq+E=; b=iUYEQJyeJC+qFmeDR2EQV/dP+y0B+FSU8IOaxl3XGlyCRjYVgQktEwz60vGYEEGzrH CwHdZjVXJg/phgSu0YTt/2ie80ug/A/UV3rJxuAHbN17e96L6CIL6ZE5+ydptBu9USxG mQ6izKgLWgXWCGhslrNoT2sHUNgRgjaf3uiG2QfrOaJjLrfW+jN9qc6tWFa5vRR9BbaB jQtsdy/yWyF3k1blbZDr72Etpc9CbjbA9kvk2jof87n8Qd7ZUWoaCqvJZFbbLfy1jpKQ 8zDX6sW35cd+wu9KZDo/F3F6uZqKCx3RVDuzhAPXlTk++3Ttw+iHDuUTKOoPLKgMT+Lb tOCQ== X-Gm-Message-State: AKGB3mIwGQ1LfFd8I+AghdxbhrvKtoveAJuo2+ReeizS02q4fFS/V8GX 6yN2V03ciOryK8rbnyp/Sg== X-Google-Smtp-Source: AGs4zMbV68AGrFXszEcOA+I2u7osaYniykRamjQiidYZB+iW35UlfDTIUshRQYGxE11j3Mw8ohIBvg== X-Received: by 10.55.50.129 with SMTP id y123mr21328921qky.86.1512500149958; Tue, 05 Dec 2017 10:55:49 -0800 (PST) Received: from tbecker-rhat.redhat.com ([201.37.68.249]) by smtp.googlemail.com with ESMTPSA id k1sm504260qtf.11.2017.12.05.10.55.47 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 05 Dec 2017 10:55:49 -0800 (PST) From: Thiago Rafael Becker To: bfields@fieldses.org, neilb@suse.com Cc: linux-nfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Thiago Rafael Becker Subject: [PATCH 2/3] kernel: Move groups_sort to the caller of set_groups. Date: Tue, 5 Dec 2017 16:55:23 -0200 Message-Id: <20171205185523.20600-1-thiago.becker@gmail.com> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20171205140512.13349-3-thiago.becker@gmail.com> References: <20171205140512.13349-3-thiago.becker@gmail.com> Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The responsibility for calling groups_sort is now on the caller of set_groups. Signed-off-by: Thiago Rafael Becker Reviewed-by: NeilBrown --- arch/s390/kernel/compat_linux.c | 1 + fs/nfsd/auth.c | 3 +++ kernel/groups.c | 1 + kernel/uid16.c | 1 + net/sunrpc/auth_gss/gss_rpc_xdr.c | 1 + net/sunrpc/auth_gss/svcauth_gss.c | 1 + net/sunrpc/svcauth_unix.c | 8 ++++++++ 7 files changed, 16 insertions(+) diff --git a/arch/s390/kernel/compat_linux.c b/arch/s390/kernel/compat_linux.c index f04db37..59eea9c 100644 --- a/arch/s390/kernel/compat_linux.c +++ b/arch/s390/kernel/compat_linux.c @@ -263,6 +263,7 @@ COMPAT_SYSCALL_DEFINE2(s390_setgroups16, int, gidsetsize, u16 __user *, grouplis return retval; } + groups_sort(group_info); retval = set_current_groups(group_info); put_group_info(group_info); diff --git a/fs/nfsd/auth.c b/fs/nfsd/auth.c index 697f8ae..7b5099b 100644 --- a/fs/nfsd/auth.c +++ b/fs/nfsd/auth.c @@ -60,6 +60,9 @@ int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp) gi->gid[i] = exp->ex_anon_gid; else gi->gid[i] = rqgi->gid[i]; + + /* Should be race free as long as each thread allocates a new gi */ + groups_sort(gi); } } else { gi = get_group_info(rqgi); diff --git a/kernel/groups.c b/kernel/groups.c index 4c9c9ed..17073a9 100644 --- a/kernel/groups.c +++ b/kernel/groups.c @@ -208,6 +208,7 @@ SYSCALL_DEFINE2(setgroups, int, gidsetsize, gid_t __user *, grouplist) return retval; } + groups_sort(group_info); retval = set_current_groups(group_info); put_group_info(group_info); diff --git a/kernel/uid16.c b/kernel/uid16.c index ce74a49..ef1da2a 100644 --- a/kernel/uid16.c +++ b/kernel/uid16.c @@ -192,6 +192,7 @@ SYSCALL_DEFINE2(setgroups16, int, gidsetsize, old_gid_t __user *, grouplist) return retval; } + groups_sort(group_info); retval = set_current_groups(group_info); put_group_info(group_info); diff --git a/net/sunrpc/auth_gss/gss_rpc_xdr.c b/net/sunrpc/auth_gss/gss_rpc_xdr.c index c4778ca..444380f 100644 --- a/net/sunrpc/auth_gss/gss_rpc_xdr.c +++ b/net/sunrpc/auth_gss/gss_rpc_xdr.c @@ -231,6 +231,7 @@ static int gssx_dec_linux_creds(struct xdr_stream *xdr, goto out_free_groups; creds->cr_group_info->gid[i] = kgid; } + groups_sort(creds->cr_group_info); return 0; out_free_groups: diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c index 5dd4e6c..2653119 100644 --- a/net/sunrpc/auth_gss/svcauth_gss.c +++ b/net/sunrpc/auth_gss/svcauth_gss.c @@ -481,6 +481,7 @@ static int rsc_parse(struct cache_detail *cd, goto out; rsci.cred.cr_group_info->gid[i] = kgid; } + groups_sort(rsci.cred.cr_group_info); /* mech name */ len = qword_get(&mesg, buf, mlen); diff --git a/net/sunrpc/svcauth_unix.c b/net/sunrpc/svcauth_unix.c index 740b67d..99841e1 100644 --- a/net/sunrpc/svcauth_unix.c +++ b/net/sunrpc/svcauth_unix.c @@ -20,6 +20,7 @@ #include "netns.h" +void groups_sort(struct group_info *group_info); /* * AUTHUNIX and AUTHNULL credentials are both handled here. @@ -520,6 +521,12 @@ static int unix_gid_parse(struct cache_detail *cd, ug.gi->gid[i] = kgid; } + /* Sort the groups before inserting this entry + * into the cache to avoid future corrutpions + * by multiple simultaneous attempts to sort this + * entry. + */ + groups_sort(ug.gi); ugp = unix_gid_lookup(cd, uid); if (ugp) { struct cache_head *ch; @@ -819,6 +826,7 @@ svcauth_unix_accept(struct svc_rqst *rqstp, __be32 *authp) kgid_t kgid = make_kgid(&init_user_ns, svc_getnl(argv)); cred->cr_group_info->gid[i] = kgid; } + groups_sort(cred->cr_group_info); if (svc_getu32(argv) != htonl(RPC_AUTH_NULL) || svc_getu32(argv) != 0) { *authp = rpc_autherr_badverf; return SVC_DENIED;