svcrpc: fix failures to handle -1 uid's and gid's

As of f025adf191924e3a75ce80e130afcd2485b53bb8 "sunrpc: Properly decode kuids and kgids in RPC_AUTH_UNIX credentials" any rpc containing a -1 (0xffff) uid or gid would fail with a badcred error. Reported symptoms were xmbc clients failing on upgrade of the NFS server; examination of the network trace showed them sending -1 as the gid. Reported-by: Julian Sikorski <belegdol@gmail.com> Tested-by: Julian Sikorski <belegdol@gmail.com> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: stable@vger.kernel.org Signed-off-by: J. Bruce Fields <bfields@redhat.com>

svcrpc: fix failures to handle -1 uid's and gid's
As of f025adf191924e3a75ce80e130afcd2485b53bb8 "sunrpc: Properly decode kuids and kgids in RPC_AUTH_UNIX credentials" any rpc containing a -1 (0xffff) uid or gid would fail with a badcred error. Reported symptoms were xmbc clients failing on upgrade of the NFS server; examination of the network trace showed them sending -1 as the gid. Reported-by: Julian Sikorski <belegdol@gmail.com> Tested-by: Julian Sikorski <belegdol@gmail.com> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: stable@vger.kernel.org Signed-off-by: J. Bruce Fields <bfields@redhat.com>
J. Bruce Fields
1 parent b161c14440
Showing 1 changed file with 7 additions and 5 deletions Side-by-side Diff
net/sunrpc/svcauth_unix.c
@@ -810,11 +810,15 @@
 		goto badcred;
 	argv->iov_base = (void*)((__be32*)argv->iov_base + slen);	/* skip machname */
 	argv->iov_len -= slen*4;
-
+	/*
+	 * Note: we skip uid_valid()/gid_valid() checks here for
+	 * backwards compatibility with clients that use -1 id's.
+	 * Instead, -1 uid or gid is later mapped to the
+	 * (export-specific) anonymous id by nfsd_setuser.
+	 * Supplementary gid's will be left alone.
+	 */
 	cred->cr_uid = make_kuid(&init_user_ns, svc_getnl(argv)); /* uid */
 	cred->cr_gid = make_kgid(&init_user_ns, svc_getnl(argv)); /* gid */
-	if (!uid_valid(cred->cr_uid) || !gid_valid(cred->cr_gid))
-		goto badcred;
 	slen = svc_getnl(argv);			/* gids length */
 	if (slen > 16 || (len -= (slen + 2)*4) < 0)
 		goto badcred;
@@ -823,8 +827,6 @@
 		return SVC_CLOSE;
 	for (i = 0; i < slen; i++) {
 		kgid_t kgid = make_kgid(&init_user_ns, svc_getnl(argv));
-		if (!gid_valid(kgid))
-			goto badcred;
 		GROUP_AT(cred->cr_group_info, i) = kgid;
 	}
 	if (svc_getu32(argv) != htonl(RPC_AUTH_NULL) || svc_getu32(argv) != 0) {
...	...	@@ -810,11 +810,15 @@
810	810	goto badcred;
811	811	argv->iov_base = (void)((__be32)argv->iov_base + slen); /* skip machname */
812	812	argv->iov_len -= slen*4;
813		-
	813	+ /*
	814	+ * Note: we skip uid_valid()/gid_valid() checks here for
	815	+ * backwards compatibility with clients that use -1 id's.
	816	+ * Instead, -1 uid or gid is later mapped to the
	817	+ * (export-specific) anonymous id by nfsd_setuser.
	818	+ * Supplementary gid's will be left alone.
	819	+ */
814	820	cred->cr_uid = make_kuid(&init_user_ns, svc_getnl(argv)); /* uid */
815	821	cred->cr_gid = make_kgid(&init_user_ns, svc_getnl(argv)); /* gid */
816		- if (!uid_valid(cred->cr_uid) \|\| !gid_valid(cred->cr_gid))
817		- goto badcred;
818	822	slen = svc_getnl(argv); /* gids length */
819	823	if (slen > 16 \|\| (len -= (slen + 2)*4) < 0)
820	824	goto badcred;
...	...	@@ -823,8 +827,6 @@
823	827	return SVC_CLOSE;
824	828	for (i = 0; i < slen; i++) {
825	829	kgid_t kgid = make_kgid(&init_user_ns, svc_getnl(argv));
826		- if (!gid_valid(kgid))
827		- goto badcred;
828	830	GROUP_AT(cred->cr_group_info, i) = kgid;
829	831	}
830	832	if (svc_getu32(argv) != htonl(RPC_AUTH_NULL) \|\| svc_getu32(argv) != 0) {