From: "J. Bruce Fields" <bfields@redhat.com>
To: Al Viro <viro@zeniv.linux.org.uk>
Cc: linux-nfs@vger.kernel.org, linux-fsdevel@vger.kernel.org,
jlayton@redhat.com, Dave Chinner <david@fromorbit.com>,
"J. Bruce Fields" <bfields@redhat.com>
Subject: [PATCH 1/4] rpc: clean up decoding of gssproxy linux creds
Date: Thu, 5 Sep 2013 12:30:05 -0400 [thread overview]
Message-ID: <1378398620-23018-2-git-send-email-bfields@redhat.com> (raw)
In-Reply-To: <1378398620-23018-1-git-send-email-bfields@redhat.com>
From: "J. Bruce Fields" <bfields@redhat.com>
We can use the normal coding infrastructure here.
Two minor behavior changes:
- we're assuming no wasted space at the end of the linux cred.
That seems to match gss-proxy's behavior, and I can't see why
it would need to do differently in the future.
- NGROUPS_MAX check added: note groups_alloc doesn't do this,
this is the caller's responsibility.
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
---
net/sunrpc/auth_gss/gss_rpc_xdr.c | 32 +++++++++++++-------------------
1 file changed, 13 insertions(+), 19 deletions(-)
diff --git a/net/sunrpc/auth_gss/gss_rpc_xdr.c b/net/sunrpc/auth_gss/gss_rpc_xdr.c
index 3c85d1c..f5067b2 100644
--- a/net/sunrpc/auth_gss/gss_rpc_xdr.c
+++ b/net/sunrpc/auth_gss/gss_rpc_xdr.c
@@ -166,14 +166,14 @@ static int dummy_dec_opt_array(struct xdr_stream *xdr,
return 0;
}
-static int get_s32(void **p, void *max, s32 *res)
+static int get_s32(struct xdr_stream *xdr, s32 *res)
{
- void *base = *p;
- void *next = (void *)((char *)base + sizeof(s32));
- if (unlikely(next > max || next < base))
+ __be32 *p;
+
+ p = xdr_inline_decode(xdr, 4);
+ if (!p)
return -EINVAL;
- memcpy(res, base, sizeof(s32));
- *p = next;
+ memcpy(res, p, sizeof(s32));
return 0;
}
@@ -182,7 +182,6 @@ static int gssx_dec_linux_creds(struct xdr_stream *xdr,
{
u32 length;
__be32 *p;
- void *q, *end;
s32 tmp;
int N, i, err;
@@ -192,33 +191,28 @@ static int gssx_dec_linux_creds(struct xdr_stream *xdr,
length = be32_to_cpup(p);
- /* FIXME: we do not want to use the scratch buffer for this one
- * may need to use functions that allows us to access an io vector
- * directly */
- p = xdr_inline_decode(xdr, length);
- if (unlikely(p == NULL))
+ if (length > (3 + NGROUPS_MAX) * sizeof(u32))
return -ENOSPC;
- q = p;
- end = q + length;
-
/* uid */
- err = get_s32(&q, end, &tmp);
+ err = get_s32(xdr, &tmp);
if (err)
return err;
creds->cr_uid = make_kuid(&init_user_ns, tmp);
/* gid */
- err = get_s32(&q, end, &tmp);
+ err = get_s32(xdr, &tmp);
if (err)
return err;
creds->cr_gid = make_kgid(&init_user_ns, tmp);
/* number of additional gid's */
- err = get_s32(&q, end, &tmp);
+ err = get_s32(xdr, &tmp);
if (err)
return err;
N = tmp;
+ if ((3 + N) * sizeof(u32) != length)
+ return -EINVAL;
creds->cr_group_info = groups_alloc(N);
if (creds->cr_group_info == NULL)
return -ENOMEM;
@@ -226,7 +220,7 @@ static int gssx_dec_linux_creds(struct xdr_stream *xdr,
/* gid's */
for (i = 0; i < N; i++) {
kgid_t kgid;
- err = get_s32(&q, end, &tmp);
+ err = get_s32(xdr, &tmp);
if (err)
goto out_free_groups;
err = -EINVAL;
--
1.7.9.5
next prev parent reply other threads:[~2013-09-05 16:30 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-09-05 16:30 [PATCH 00/12] Implement NFSv4 delegations, take 10 J. Bruce Fields
2013-09-05 16:30 ` J. Bruce Fields
2013-09-05 16:30 ` J. Bruce Fields [this message]
2013-09-05 16:38 ` [PATCH 1/4] rpc: clean up decoding of gssproxy linux creds J. Bruce Fields
2013-09-05 16:38 ` J. Bruce Fields
2013-09-05 16:30 ` [PATCH 01/12] vfs: pull ext4's double-i_mutex-locking into common code J. Bruce Fields
2013-09-05 16:30 ` [PATCH 2/4] rpc: comment on linux_cred encoding, treat all as unsigned J. Bruce Fields
2013-09-05 16:30 ` [PATCH 02/12] vfs: don't use PARENT/CHILD lock classes for non-directories J. Bruce Fields
2013-09-05 16:30 ` [PATCH 3/4] rpc: fix huge kmalloc's in gss-proxy J. Bruce Fields
2013-09-05 16:30 ` [PATCH 03/12] vfs: rename I_MUTEX_QUOTA now that it's not used for quotas J. Bruce Fields
2013-09-05 16:30 ` J. Bruce Fields
2013-09-05 16:30 ` [PATCH 4/4] rpc: let xdr layer allocate gssproxy receieve pages J. Bruce Fields
2013-09-05 16:30 ` [PATCH 04/12] vfs: take i_mutex on renamed file J. Bruce Fields
2013-09-05 16:30 ` [PATCH 05/12] locks: introduce new FL_DELEG lock flag J. Bruce Fields
2013-09-05 16:30 ` J. Bruce Fields
2013-09-05 16:30 ` [PATCH 06/12] locks: implement delegations J. Bruce Fields
2013-09-05 16:30 ` [PATCH 07/12] namei: minor vfs_unlink cleanup J. Bruce Fields
2013-09-05 16:30 ` J. Bruce Fields
2013-09-05 16:30 ` [PATCH 08/12] locks: break delegations on unlink J. Bruce Fields
2013-09-05 16:30 ` [PATCH 09/12] locks: helper functions for delegation breaking J. Bruce Fields
2013-09-05 16:30 ` J. Bruce Fields
2013-09-05 16:30 ` [PATCH 10/12] locks: break delegations on rename J. Bruce Fields
2013-09-05 16:30 ` J. Bruce Fields
2013-09-05 16:30 ` [PATCH 11/12] locks: break delegations on link J. Bruce Fields
2013-09-05 16:30 ` J. Bruce Fields
2013-09-05 16:30 ` [PATCH 12/12] locks: break delegations on any attribute modification J. Bruce Fields
2013-09-11 14:08 ` [PATCH 00/12] Implement NFSv4 delegations, take 10 J. Bruce Fields
-- strict thread matches above, loose matches on Subject: below --
2013-09-19 15:27 gss-proxy fixes for 3.11.x J. Bruce Fields
2013-09-19 15:27 ` [PATCH 1/4] rpc: clean up decoding of gssproxy linux creds J. Bruce Fields
2013-09-05 15:49 gss-proxy fix for large kmalloc J. Bruce Fields
2013-09-05 15:49 ` [PATCH 1/4] rpc: clean up decoding of gssproxy linux creds J. Bruce Fields
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1378398620-23018-2-git-send-email-bfields@redhat.com \
--to=bfields@redhat.com \
--cc=david@fromorbit.com \
--cc=jlayton@redhat.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.