From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Mon, 29 Jan 2018 13:53:40 +0000 (+0100)
Subject: 4.14-stable patches
X-Git-Tag: v4.4.114~5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ed58392f4125c95fe472636cc29181f7d0f690fd;p=thirdparty%2Fkernel%2Fstable-queue.git

4.14-stable patches

added patches:
	nfsd-auth-fix-gid-sorting-when-rootsquash-enabled.patch
---

diff --git a/queue-4.14/nfsd-auth-fix-gid-sorting-when-rootsquash-enabled.patch b/queue-4.14/nfsd-auth-fix-gid-sorting-when-rootsquash-enabled.patch
new file mode 100644
index 00000000000..bc883327011
--- /dev/null
+++ b/queue-4.14/nfsd-auth-fix-gid-sorting-when-rootsquash-enabled.patch
@@ -0,0 +1,47 @@
+From 1995266727fa8143897e89b55f5d3c79aa828420 Mon Sep 17 00:00:00 2001
+From: Ben Hutchings <ben.hutchings@codethink.co.uk>
+Date: Mon, 22 Jan 2018 20:11:06 +0000
+Subject: nfsd: auth: Fix gid sorting when rootsquash enabled
+
+From: Ben Hutchings <ben.hutchings@codethink.co.uk>
+
+commit 1995266727fa8143897e89b55f5d3c79aa828420 upstream.
+
+Commit bdcf0a423ea1 ("kernel: make groups_sort calling a responsibility
+group_info allocators") appears to break nfsd rootsquash in a pretty
+major way.
+
+It adds a call to groups_sort() inside the loop that copies/squashes
+gids, which means the valid gids are sorted along with the following
+garbage.  The net result is that the highest numbered valid gids are
+replaced with any lower-valued garbage gids, possibly including 0.
+
+We should sort only once, after filling in all the gids.
+
+Fixes: bdcf0a423ea1 ("kernel: make groups_sort calling a responsibility ...")
+Signed-off-by: Ben Hutchings <ben.hutchings@codethink.co.uk>
+Acked-by: J. Bruce Fields <bfields@redhat.com>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Wolfgang Walter <linux@stwm.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/nfsd/auth.c |    6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+--- a/fs/nfsd/auth.c
++++ b/fs/nfsd/auth.c
+@@ -60,10 +60,10 @@ int nfsd_setuser(struct svc_rqst *rqstp,
+ 				gi->gid[i] = exp->ex_anon_gid;
+ 			else
+ 				gi->gid[i] = rqgi->gid[i];
+-
+-			/* Each thread allocates its own gi, no race */
+-			groups_sort(gi);
+ 		}
++
++		/* Each thread allocates its own gi, no race */
++		groups_sort(gi);
+ 	} else {
+ 		gi = get_group_info(rqgi);
+ 	}
diff --git a/queue-4.14/series b/queue-4.14/series
index 5e471160125..f6583e085f9 100644
--- a/queue-4.14/series
+++ b/queue-4.14/series
@@ -69,3 +69,4 @@ bpf-fix-32-bit-divide-by-zero.patch
 bpf-reject-stores-into-ctx-via-st-and-xadd.patch
 bpf-arm64-fix-stack_depth-tracking-in-combination-with-tail-calls.patch
 cpufreq-governor-ensure-sufficiently-large-sampling-intervals.patch
+nfsd-auth-fix-gid-sorting-when-rootsquash-enabled.patch