sunrpc: Update svcgss xdr handle to rpsec_contect cache

For each received uid call make_kuid and validate the result. For each received gid call make_kgid and validate the result. Cc: "J. Bruce Fields" <bfields@fieldses.org> Cc: Trond Myklebust <Trond.Myklebust@netapp.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>

sunrpc: Update svcgss xdr handle to rpsec_contect cache
For each received uid call make_kuid and validate the result. For each received gid call make_kgid and validate the result. Cc: "J. Bruce Fields" <bfields@fieldses.org> Cc: Trond Myklebust <Trond.Myklebust@netapp.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Eric W. Biederman
1 parent 90602c7b19
Showing 1 changed file with 13 additions and 5 deletions Side-by-side Diff
net/sunrpc/auth_gss/svcauth_gss.c
@@ -418,6 +418,7 @@
 {
 	/* contexthandle expiry [ uid gid N <n gids> mechname ...mechdata... ] */
 	char *buf = mesg;
+	int id;
 	int len, rv;
 	struct rsc rsci, *rscp = NULL;
 	time_t expiry;
@@ -444,7 +445,7 @@
 		goto out;
  
 	/* uid, or NEGATIVE */
-	rv = get_int(&mesg, &rsci.cred.cr_uid);
+	rv = get_int(&mesg, &id);
 	if (rv == -EINVAL)
 		goto out;
 	if (rv == -ENOENT)
  
  
@@ -452,9 +453,17 @@
 	else {
 		int N, i;
  
+		/* uid */
+		rsci.cred.cr_uid = make_kuid(&init_user_ns, id);
+		if (!uid_valid(rsci.cred.cr_uid))
+			goto out;
+
 		/* gid */
-		if (get_int(&mesg, &rsci.cred.cr_gid))
+		if (get_int(&mesg, &id))
 			goto out;
+		rsci.cred.cr_gid = make_kgid(&init_user_ns, id);
+		if (!gid_valid(rsci.cred.cr_gid))
+			goto out;
  
 		/* number of additional gid's */
 		if (get_int(&mesg, &N))
  
  
@@ -467,11 +476,10 @@
 		/* gid's */
 		status = -EINVAL;
 		for (i=0; i<N; i++) {
-			gid_t gid;
 			kgid_t kgid;
-			if (get_int(&mesg, &gid))
+			if (get_int(&mesg, &id))
 				goto out;
-			kgid = make_kgid(&init_user_ns, gid);
+			kgid = make_kgid(&init_user_ns, id);
 			if (!gid_valid(kgid))
 				goto out;
 			GROUP_AT(rsci.cred.cr_group_info, i) = kgid;
...	...	@@ -418,6 +418,7 @@
418	418	{
419	419	/* contexthandle expiry [ uid gid N <n gids> mechname ...mechdata... ] */
420	420	char *buf = mesg;
	421	+ int id;
421	422	int len, rv;
422	423	struct rsc rsci, *rscp = NULL;
423	424	time_t expiry;
...	...	@@ -444,7 +445,7 @@
444	445	goto out;
445	446
446	447	/* uid, or NEGATIVE */
447		- rv = get_int(&mesg, &rsci.cred.cr_uid);
	448	+ rv = get_int(&mesg, &id);
448	449	if (rv == -EINVAL)
449	450	goto out;
450	451	if (rv == -ENOENT)
451	452
452	453
...	...	@@ -452,9 +453,17 @@
452	453	else {
453	454	int N, i;
454	455
	456	+ /* uid */
	457	+ rsci.cred.cr_uid = make_kuid(&init_user_ns, id);
	458	+ if (!uid_valid(rsci.cred.cr_uid))
	459	+ goto out;
	460	+
455	461	/* gid */
456		- if (get_int(&mesg, &rsci.cred.cr_gid))
	462	+ if (get_int(&mesg, &id))
457	463	goto out;
	464	+ rsci.cred.cr_gid = make_kgid(&init_user_ns, id);
	465	+ if (!gid_valid(rsci.cred.cr_gid))
	466	+ goto out;
458	467
459	468	/* number of additional gid's */
460	469	if (get_int(&mesg, &N))
461	470
462	471
...	...	@@ -467,11 +476,10 @@
467	476	/* gid's */
468	477	status = -EINVAL;
469	478	for (i=0; i<N; i++) {
470		- gid_t gid;
471	479	kgid_t kgid;
472		- if (get_int(&mesg, &gid))
	480	+ if (get_int(&mesg, &id))
473	481	goto out;
474		- kgid = make_kgid(&init_user_ns, gid);
	482	+ kgid = make_kgid(&init_user_ns, id);
475	483	if (!gid_valid(kgid))
476	484	goto out;
477	485	GROUP_AT(rsci.cred.cr_group_info, i) = kgid;