From 5ee33e65a9e62cb692c32b4ef4b6a1395b0cbb77 Mon Sep 17 00:00:00 2001 From: "J. Bruce Fields" Date: Fri, 24 May 2013 17:24:34 -0400 Subject: [PATCH] --- yaml --- r: 376450 b: refs/heads/master c: afe3c3fd5392b2f0066930abc5dbd3f4b14a0f13 h: refs/heads/master v: v3 --- [refs] | 2 +- trunk/net/sunrpc/svcauth_unix.c | 12 +++++++----- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/[refs] b/[refs] index d9885dc6cab4..915815d16824 100644 --- a/[refs] +++ b/[refs] @@ -1,2 +1,2 @@ --- -refs/heads/master: b161c144404c18f6a9e20e46b63828ae3c2eb093 +refs/heads/master: afe3c3fd5392b2f0066930abc5dbd3f4b14a0f13 diff --git a/trunk/net/sunrpc/svcauth_unix.c b/trunk/net/sunrpc/svcauth_unix.c index c3f9e1ef7f53..06bdf5a1082c 100644 --- a/trunk/net/sunrpc/svcauth_unix.c +++ b/trunk/net/sunrpc/svcauth_unix.c @@ -810,11 +810,15 @@ svcauth_unix_accept(struct svc_rqst *rqstp, __be32 *authp) goto badcred; argv->iov_base = (void*)((__be32*)argv->iov_base + slen); /* skip machname */ argv->iov_len -= slen*4; - + /* + * Note: we skip uid_valid()/gid_valid() checks here for + * backwards compatibility with clients that use -1 id's. + * Instead, -1 uid or gid is later mapped to the + * (export-specific) anonymous id by nfsd_setuser. + * Supplementary gid's will be left alone. + */ cred->cr_uid = make_kuid(&init_user_ns, svc_getnl(argv)); /* uid */ cred->cr_gid = make_kgid(&init_user_ns, svc_getnl(argv)); /* gid */ - if (!uid_valid(cred->cr_uid) || !gid_valid(cred->cr_gid)) - goto badcred; slen = svc_getnl(argv); /* gids length */ if (slen > 16 || (len -= (slen + 2)*4) < 0) goto badcred; @@ -823,8 +827,6 @@ svcauth_unix_accept(struct svc_rqst *rqstp, __be32 *authp) return SVC_CLOSE; for (i = 0; i < slen; i++) { kgid_t kgid = make_kgid(&init_user_ns, svc_getnl(argv)); - if (!gid_valid(kgid)) - goto badcred; GROUP_AT(cred->cr_group_info, i) = kgid; } if (svc_getu32(argv) != htonl(RPC_AUTH_NULL) || svc_getu32(argv) != 0) {