svcrpc: fix failures to handle -1 uid's
authorJ. Bruce Fields <bfields@redhat.com>
Mon, 8 Jul 2013 17:44:45 +0000 (13:44 -0400)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 25 Jul 2013 21:07:31 +0000 (14:07 -0700)
commit 0979292bfa301cb87d936b69af428090d2feea1b upstream.

As of f025adf191924e3a75ce80e130afcd2485b53bb8 "sunrpc: Properly decode
kuids and kgids in RPC_AUTH_UNIX credentials" any rpc containing a -1
(0xffff) uid or gid would fail with a badcred error.

Commit afe3c3fd5392b2f0066930abc5dbd3f4b14a0f13 "svcrpc: fix failures to
handle -1 uid's and gid's" fixed part of the problem, but overlooked the
gid upcall--the kernel can request supplementary gid's for the -1 uid,
but mountd's attempt write a response will get -EINVAL.

Symptoms were nfsd failing to reply to the first attempt to use a newly
negotiated krb5 context.

Reported-by: Sven Geggus <lists@fuchsschwanzdomain.de>
Tested-by: Sven Geggus <lists@fuchsschwanzdomain.de>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
net/sunrpc/svcauth_unix.c

index 06bdf5a..1583c8a 100644 (file)
@@ -493,8 +493,6 @@ static int unix_gid_parse(struct cache_detail *cd,
        if (rv)
                return -EINVAL;
        uid = make_kuid(&init_user_ns, id);
-       if (!uid_valid(uid))
-               return -EINVAL;
        ug.uid = uid;
 
        expiry = get_expiry(&mesg);