From: "J. Bruce Fields" <bfields@fieldses.org>
To: Sven Geggus <lists@fuchsschwanzdomain.de>
Cc: linux-nfs@vger.kernel.org
Subject: Re: Kernel update 3.5.7 -> 3.6.3 breaks NFS4
Date: Tue, 13 Nov 2012 17:40:05 -0500 [thread overview]
Message-ID: <20121113224005.GA11545@fieldses.org> (raw)
In-Reply-To: <20121112091717.GA1610@geggus.net>
On Mon, Nov 12, 2012 at 10:17:17AM +0100, Sven Geggus wrote:
> J. Bruce Fields schrieb am Samstag, den 10. November um 00:24 Uhr:
>
> OK, back at work and here is what I get:
>
> > Restart the server, start strace, then try the mount, let it hang a few
> > seconds just to make sure you got anything interesting, then kill strace
> > and send the output.
>
> OK, back at work and here is what I get...
>
> read(3, "nfsd 10.1.7.30\n", 2048) = 15
> close(15) = 0
> open("/var/lib/nfs/etab", O_RDONLY) = 15
> close(15) = 0
> close(15) = 0
> write(3, "nfsd 10.1.7.30 1352710828 * \n", 29) = 29
> read(4, "4294967295\n", 2048) = 11
> close(16) = 0
> close(15) = 0
> read(15,
> "\2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\377\377\377\377\377\377\377\377\0\0\0\0\0\0\0\0\0\0\0\0",
> 36) = 36
> close(15) = 0
> write(4, "4294967295 1352710828 0 \n", 25) = -1 EINVAL (Invalid argument)
I suspect that error's coming from
net/sunrpc/svcauth_unix.c:unix_gid_parse().
> 4294967295 is UINT_MAX and this place is where it behaves differently on a good
> kernel where the write call will succeed:
>
> write(4, "4294967295 1352710828 0 \n", 25) = 25
>
> Sven
>
> P.S.: Your patched svcauth_gss.c will give me an "access denied by server"
> while mounting instead of the infinite delay:
> ~/ # mount -t nfs4 -o sec=krb5 testsrv:/storage /mnt/
> mount.nfs4: access denied by server while mounting testsrv:/storage
So, looks like the same get_int problem exists in several other places.
Could you try the following instead of the previous patch? I think I
got them all this time....
--b.
commit 664f26313a738f539a32c4eadd5351905e301bf2
Author: J. Bruce Fields <bfields@redhat.com>
Date: Fri Nov 9 15:16:02 2012 -0500
svcrpc: fix parsing of uids and gids in gss contexts
bbf43dc888833ac0539e437dbaeb28bfd4fbab9f "sunrpc/cache.h: replace
simple_strtoul" introduced new range-checking which could cause get_int
to fail if given an unsigned integer too large to represent as an int.
Symptoms were hangs on krb5 mounts after upgrading an NFS server.
Cc: Eldad Zack <eldad@fogrefinery.com>
Reported-by: Sven Geggus <lists@fuchsschwanzdomain.de>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
diff --git a/fs/nfsd/export.c b/fs/nfsd/export.c
index a3946cf..8481961 100644
--- a/fs/nfsd/export.c
+++ b/fs/nfsd/export.c
@@ -491,7 +491,7 @@ static int svc_export_parse(struct cache_detail *cd, char *mesg, int mlen)
int err;
struct auth_domain *dom = NULL;
struct svc_export exp = {}, *expp;
- int an_int;
+ unsigned int an_int;
if (mesg[mlen-1] != '\n')
return -EINVAL;
@@ -531,7 +531,7 @@ static int svc_export_parse(struct cache_detail *cd, char *mesg, int mlen)
goto out3;
/* flags */
- err = get_int(&mesg, &an_int);
+ err = get_uint(&mesg, &an_int);
if (err == -ENOENT) {
err = 0;
set_bit(CACHE_NEGATIVE, &exp.h.flags);
@@ -541,19 +541,19 @@ static int svc_export_parse(struct cache_detail *cd, char *mesg, int mlen)
exp.ex_flags= an_int;
/* anon uid */
- err = get_int(&mesg, &an_int);
+ err = get_uint(&mesg, &an_int);
if (err)
goto out3;
exp.ex_anon_uid= an_int;
/* anon gid */
- err = get_int(&mesg, &an_int);
+ err = get_uint(&mesg, &an_int);
if (err)
goto out3;
exp.ex_anon_gid= an_int;
/* fsid */
- err = get_int(&mesg, &an_int);
+ err = get_uint(&mesg, &an_int);
if (err)
goto out3;
exp.ex_fsid = an_int;
diff --git a/fs/nfsd/nfs4idmap.c b/fs/nfsd/nfs4idmap.c
index a1f10c0..e2c9317 100644
--- a/fs/nfsd/nfs4idmap.c
+++ b/fs/nfsd/nfs4idmap.c
@@ -415,7 +415,7 @@ nametoid_parse(struct cache_detail *cd, char *buf, int buflen)
goto out;
/* ID */
- error = get_int(&buf, &ent.id);
+ error = get_uint(&buf, &ent.id);
if (error == -EINVAL)
goto out;
if (error == -ENOENT)
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c
index 73e9573..243d180 100644
--- a/net/sunrpc/auth_gss/svcauth_gss.c
+++ b/net/sunrpc/auth_gss/svcauth_gss.c
@@ -444,7 +444,7 @@ static int rsc_parse(struct cache_detail *cd,
goto out;
/* uid, or NEGATIVE */
- rv = get_int(&mesg, &rsci.cred.cr_uid);
+ rv = get_uint(&mesg, &rsci.cred.cr_uid);
if (rv == -EINVAL)
goto out;
if (rv == -ENOENT)
@@ -453,7 +453,7 @@ static int rsc_parse(struct cache_detail *cd,
int N, i;
/* gid */
- if (get_int(&mesg, &rsci.cred.cr_gid))
+ if (get_uint(&mesg, &rsci.cred.cr_gid))
goto out;
/* number of additional gid's */
@@ -469,7 +469,7 @@ static int rsc_parse(struct cache_detail *cd,
for (i=0; i<N; i++) {
gid_t gid;
kgid_t kgid;
- if (get_int(&mesg, &gid))
+ if (get_uint(&mesg, &gid))
goto out;
kgid = make_kgid(&init_user_ns, gid);
if (!gid_valid(kgid))
diff --git a/net/sunrpc/svcauth_unix.c b/net/sunrpc/svcauth_unix.c
index 4d01292..5d7020a 100644
--- a/net/sunrpc/svcauth_unix.c
+++ b/net/sunrpc/svcauth_unix.c
@@ -493,7 +493,7 @@ static int unix_gid_parse(struct cache_detail *cd,
return -EINVAL;
mesg[mlen-1] = 0;
- rv = get_int(&mesg, &uid);
+ rv = get_uint(&mesg, &uid);
if (rv)
return -EINVAL;
ug.uid = uid;
@@ -513,7 +513,7 @@ static int unix_gid_parse(struct cache_detail *cd,
for (i = 0 ; i < gids ; i++) {
int gid;
kgid_t kgid;
- rv = get_int(&mesg, &gid);
+ rv = get_uint(&mesg, &gid);
err = -EINVAL;
if (rv)
goto out;
next prev parent reply other threads:[~2012-11-13 22:40 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-26 15:58 Kernel update 3.5.7 -> 3.6.3 breaks NFS4 Sven Geggus
2012-10-26 16:39 ` VDR User
2012-10-31 12:47 ` Sven Geggus
2012-10-26 17:15 ` J. Bruce Fields
[not found] ` <20121029094038.GA14836@geggus.net>
2012-10-29 15:02 ` J. Bruce Fields
2012-10-29 16:33 ` Sven Geggus
2012-10-29 22:09 ` J. Bruce Fields
2012-10-31 12:52 ` Sven Geggus
2012-10-31 14:28 ` VDR User
2012-10-31 15:33 ` Sven Geggus
2012-10-31 17:43 ` VDR User
2012-11-05 14:45 ` Sven Geggus
2012-11-05 16:55 ` Sven Geggus
2012-11-09 18:45 ` Sven Geggus
2012-11-09 20:07 ` J. Bruce Fields
2012-11-09 20:09 ` J. Bruce Fields
2012-11-09 22:45 ` Sven Geggus
2012-11-09 23:24 ` J. Bruce Fields
2012-11-12 9:17 ` Sven Geggus
2012-11-13 22:40 ` J. Bruce Fields [this message]
2012-11-14 0:58 ` J. Bruce Fields
2012-11-14 16:07 ` J. Bruce Fields
2012-11-14 16:08 ` J. Bruce Fields
2012-11-15 16:58 ` Sven Geggus
2012-11-16 19:19 ` J. Bruce Fields
2012-12-12 11:15 ` Sven Geggus
2012-12-12 18:57 ` J. Bruce Fields
2012-11-14 22:26 ` Eldad Zack
2012-11-09 23:17 ` Eldad Zack
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20121113224005.GA11545@fieldses.org \
--to=bfields@fieldses.org \
--cc=linux-nfs@vger.kernel.org \
--cc=lists@fuchsschwanzdomain.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).