NFS: Don't drop CB requests with invalid principals

commit a4e187d83d88eeaba6252aac0a2ffe5eaa73a818 upstream. Before commit 778be232a207 ("NFS do not find client in NFSv4 pg_authenticate"), the Linux callback server replied with RPC_AUTH_ERROR / RPC_AUTH_BADCRED, instead of dropping the CB request. Let's restore that behavior so the server has a chance to do something useful about it, and provide a warning that helps admins correct the problem. Fixes: 778be232a207 ("NFS do not find client in NFSv4 ...") Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Tested-by: Steve Wise <swise@opengridcomputing.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Chuck Lever <chuck.lever@oracle.com> 2016-06-29 13:55:22 -0400
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2016-10-07 15:23:45 +0200
commit: 80468ac59605410aef0e1911ac61163a0367c82f (patch)
tree: 630e653d297f1f2c506b7f7bee7dd398d7dcebad /net
parent: 9c90be45e28e5f3d9b9f41c1d6e15ecd36f7d624 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/net/sunrpc/svc.c b/net/sunrpc/svc.c
index 87290a5a9ac7..c5b0cb4f4056 100644
--- a/net/sunrpc/svc.c
+++ b/net/sunrpc/svc.c
@@ -1194,6 +1194,11 @@ svc_process_common(struct svc_rqst *rqstp, struct kvec *argv, struct kvec *resv)
 				procp->pc_release(rqstp, NULL, rqstp->rq_resp);
 			goto dropit;
 		}
+		if (*statp == rpc_autherr_badcred) {
+			if (procp->pc_release)
+				procp->pc_release(rqstp, NULL, rqstp->rq_resp);
+			goto err_bad_auth;
+		}
 		if (*statp == rpc_success &&
 		    (xdr = procp->pc_encode) &&
 		    !xdr(rqstp, resv->iov_base+resv->iov_len, rqstp->rq_resp)) {
author	Chuck Lever <chuck.lever@oracle.com>	2016-06-29 13:55:22 -0400
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2016-10-07 15:23:45 +0200
commit	80468ac59605410aef0e1911ac61163a0367c82f (patch)
tree	630e653d297f1f2c506b7f7bee7dd398d7dcebad /net
parent	9c90be45e28e5f3d9b9f41c1d6e15ecd36f7d624 (diff)