kernel: make groups_sort calling a responsibility group_info allocators
In testing, we found that nfsd threads may call set_groups in parallel for the same entry cached in auth.unix.gid, racing in the call of groups_sort, corrupting the groups for that entry and leading to permission denials for the client. This patch: - Make groups_sort globally visible. - Move the call to groups_sort to the modifiers of group_info - Remove the call to groups_sort from set_groups Link: http://lkml.kernel.org/r/20171211151420.18655-1-thiago.becker@gmail.com Signed-off-by:Thiago Rafael Becker <thiago.becker@gmail.com> Reviewed-by:
Matthew Wilcox <mawilcox@microsoft.com> Reviewed-by:
NeilBrown <neilb@suse.com> Acked-by:
"J. Bruce Fields" <bfields@fieldses.org> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Martin Schwidefsky <schwidefsky@de.ibm.com> Cc: <stable@vger.kernel.org> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
Showing
- arch/s390/kernel/compat_linux.c 1 addition, 0 deletionsarch/s390/kernel/compat_linux.c
- fs/nfsd/auth.c 3 additions, 0 deletionsfs/nfsd/auth.c
- include/linux/cred.h 1 addition, 0 deletionsinclude/linux/cred.h
- kernel/groups.c 3 additions, 2 deletionskernel/groups.c
- kernel/uid16.c 1 addition, 0 deletionskernel/uid16.c
- net/sunrpc/auth_gss/gss_rpc_xdr.c 1 addition, 0 deletionsnet/sunrpc/auth_gss/gss_rpc_xdr.c
- net/sunrpc/auth_gss/svcauth_gss.c 1 addition, 0 deletionsnet/sunrpc/auth_gss/svcauth_gss.c
- net/sunrpc/svcauth_unix.c 2 additions, 0 deletionsnet/sunrpc/svcauth_unix.c
Loading
Please register or sign in to comment