From: Greg Kroah-Hartman Date: Tue, 15 Jan 2008 21:55:48 +0000 (-0800) Subject: another .23 patch X-Git-Tag: v2.6.22.19~56 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e18796c747cb9d1691195da146d077816409f54d;p=thirdparty%2Fkernel%2Fstable-queue.git another .23 patch --- diff --git a/queue-2.6.23/knfsd-allow-nfsv2-3-write-calls-to-succeed-when-krb5i-etc-is-used.patch b/queue-2.6.23/knfsd-allow-nfsv2-3-write-calls-to-succeed-when-krb5i-etc-is-used.patch new file mode 100644 index 00000000000..e4ebbc89212 --- /dev/null +++ b/queue-2.6.23/knfsd-allow-nfsv2-3-write-calls-to-succeed-when-krb5i-etc-is-used.patch @@ -0,0 +1,68 @@ +From stable-bounces@linux.kernel.org Fri Jan 11 14:07:21 2008 +From: NeilBrown +Date: Fri, 11 Jan 2008 17:06:52 -0500 +Subject: knfsd: Allow NFSv2/3 WRITE calls to succeed when krb5i etc is used. +To: Linus Torvalds +Cc: NeilBrown , Peter Staubach , "J. Bruce Fields" , nfs@lists.sourceforge.net, stable@kernel.org +Message-ID: <1200089212-12204-1-git-send-email-bfields@citi.umich.edu> + + +From: NeilBrown + +patch ba67a39efde8312e386c6f603054f8945433d91f in mainline. + +When RPCSEC/GSS and krb5i is used, requests are padded, typically to a multiple +of 8 bytes. This can make the request look slightly longer than it +really is. + +As of + + f34b95689d2ce001c "The NFSv2/NFSv3 server does not handle zero + length WRITE request correctly", + +the xdr decode routines for NFSv2 and NFSv3 reject requests that aren't +the right length, so krb5i (for example) WRITE requests can get lost. + +This patch relaxes the appropriate test and enhances the related comment. + +Signed-off-by: Neil Brown +Signed-off-by: J. Bruce Fields +Cc: Peter Staubach +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + fs/nfsd/nfs3xdr.c | 5 ++++- + fs/nfsd/nfsxdr.c | 5 ++++- + 2 files changed, 8 insertions(+), 2 deletions(-) + +--- a/fs/nfsd/nfs3xdr.c ++++ b/fs/nfsd/nfs3xdr.c +@@ -396,8 +396,11 @@ nfs3svc_decode_writeargs(struct svc_rqst + * Round the length of the data which was specified up to + * the next multiple of XDR units and then compare that + * against the length which was actually received. ++ * Note that when RPCSEC/GSS (for example) is used, the ++ * data buffer can be padded so dlen might be larger ++ * than required. It must never be smaller. + */ +- if (dlen != XDR_QUADLEN(len)*4) ++ if (dlen < XDR_QUADLEN(len)*4) + return 0; + + if (args->count > max_blocksize) { +--- a/fs/nfsd/nfsxdr.c ++++ b/fs/nfsd/nfsxdr.c +@@ -313,8 +313,11 @@ nfssvc_decode_writeargs(struct svc_rqst + * Round the length of the data which was specified up to + * the next multiple of XDR units and then compare that + * against the length which was actually received. ++ * Note that when RPCSEC/GSS (for example) is used, the ++ * data buffer can be padded so dlen might be larger ++ * than required. It must never be smaller. + */ +- if (dlen != XDR_QUADLEN(len)*4) ++ if (dlen < XDR_QUADLEN(len)*4) + return 0; + + rqstp->rq_vec[0].iov_base = (void*)p; diff --git a/queue-2.6.23/series b/queue-2.6.23/series index b2f25a46b68..23de4eafd5e 100644 --- a/queue-2.6.23/series +++ b/queue-2.6.23/series @@ -58,3 +58,4 @@ m68k-export-cachectl.h.patch vm-security-add-security-hook-to-do_brk.patch security-protect-from-stack-expantion-into-low-vm-addresses.patch md-fix-data-corruption-when-a-degraded-raid5-array-is-reshaped.patch +knfsd-allow-nfsv2-3-write-calls-to-succeed-when-krb5i-etc-is-used.patch