diff options
| author | Thiago Rafael Becker <thiago.becker@gmail.com> | 2017-12-14 15:33:12 -0800 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2018-01-10 09:29:52 +0100 |
| commit | 79258d9834803518a80b0ed0603c790638f0478b (patch) | |
| tree | e24060777442734ec52d5f8a44d1964fb5cbcaca /include | |
| parent | 3a381abc5b703c0f10c2792e97ec805674e9197e (diff) | |
kernel: make groups_sort calling a responsibility group_info allocators
commit bdcf0a423ea1c40bbb40e7ee483b50fc8aa3d758 upstream.
In testing, we found that nfsd threads may call set_groups in parallel
for the same entry cached in auth.unix.gid, racing in the call of
groups_sort, corrupting the groups for that entry and leading to
permission denials for the client.
This patch:
- Make groups_sort globally visible.
- Move the call to groups_sort to the modifiers of group_info
- Remove the call to groups_sort from set_groups
Link: http://lkml.kernel.org/r/20171211151420.18655-1-thiago.becker@gmail.com
Signed-off-by: Thiago Rafael Becker <thiago.becker@gmail.com>
Reviewed-by: Matthew Wilcox <mawilcox@microsoft.com>
Reviewed-by: NeilBrown <neilb@suse.com>
Acked-by: "J. Bruce Fields" <bfields@fieldses.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'include')
| -rw-r--r-- | include/linux/cred.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/cred.h b/include/linux/cred.h index f0e70a1bb3ac..cf1a5d0c4eb4 100644 --- a/include/linux/cred.h +++ b/include/linux/cred.h @@ -82,6 +82,7 @@ extern int set_current_groups(struct group_info *); extern void set_groups(struct cred *, struct group_info *); extern int groups_search(const struct group_info *, kgid_t); extern bool may_setgroups(void); +extern void groups_sort(struct group_info *); /* * The security context of a task |