summaryrefslogtreecommitdiff
path: root/kernel/uid16.h
diff options
context:
space:
mode:
authorBenjamin Coddington <bcodding@redhat.com>2019-09-16 07:59:37 -0400
committerAnna Schumaker <Anna.Schumaker@Netapp.com>2019-09-20 15:15:24 -0400
commit5f1bc39979d868a0358c683864bec3fc8395440b (patch)
tree62b433b69b341f374b86c5d5a8692c027ea8a996 /kernel/uid16.h
parent714fbc73888f59321854e7f6c2f224213923bcad (diff)
SUNRPC: Fix buffer handling of GSS MIC without slack
The GSS Message Integrity Check data for krb5i may lie partially in the XDR reply buffer's pages and tail. If so, we try to copy the entire MIC into free space in the tail. But as the estimations of the slack space required for authentication and verification have improved there may be less free space in the tail to complete this copy -- see commit 2c94b8eca1a2 ("SUNRPC: Use au_rslack when computing reply buffer size"). In fact, there may only be room in the tail for a single copy of the MIC, and not part of the MIC and then another complete copy. The real world failure reported is that `ls` of a directory on NFS may sometimes return -EIO, which can be traced back to xdr_buf_read_netobj() failing to find available free space in the tail to copy the MIC. Fix this by checking for the case of the MIC crossing the boundaries of head, pages, and tail. If so, shift the buffer until the MIC is contained completely within the pages or tail. This allows the remainder of the function to create a sub buffer that directly address the complete MIC. Signed-off-by: Benjamin Coddington <bcodding@redhat.com> Cc: stable@vger.kernel.org # v5.1 Reviewed-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Diffstat (limited to 'kernel/uid16.h')
0 files changed, 0 insertions, 0 deletions