diff options
| author | Chuck Lever <chuck.lever@oracle.com> | 2020-04-18 21:38:19 +0300 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2020-05-20 09:20:05 +0300 |
| commit | e15d3d42900ab2c3d601670e68435868a1436876 (patch) | |
| tree | 183a1d54acae88cd93c6025dc8b3d18cb227d9b6 /include | |
| parent | 3bf0794e73095729e11f06c8225012ed3c9edcb6 (diff) | |
| download | linux-e15d3d42900ab2c3d601670e68435868a1436876.tar.xz | |
SUNRPC: Fix GSS privacy computation of auth->au_ralign
[ Upstream commit a7e429a6fa6d612d1dacde96c885dc1bb4a9f400 ]
When the au_ralign field was added to gss_unwrap_resp_priv, the
wrong calculation was used. Setting au_rslack == au_ralign is
probably correct for kerberos_v1 privacy, but kerberos_v2 privacy
adds additional GSS data after the clear text RPC message.
au_ralign needs to be smaller than au_rslack in that fairly common
case.
When xdr_buf_trim() is restored to gss_unwrap_kerberos_v2(), it does
exactly what I feared it would: it trims off part of the clear text
RPC message. However, that's because rpc_prepare_reply_pages() does
not set up the rq_rcv_buf's tail correctly because au_ralign is too
large.
Fixing the au_ralign computation also corrects the alignment of
rq_rcv_buf->pages so that the client does not have to shift reply
data payloads after they are received.
Fixes: 35e77d21baa0 ("SUNRPC: Add rpc_auth::au_ralign field")
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'include')
| -rw-r--r-- | include/linux/sunrpc/gss_api.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/sunrpc/gss_api.h b/include/linux/sunrpc/gss_api.h index d1c6f65de76e..d4326d6662a4 100644 --- a/include/linux/sunrpc/gss_api.h +++ b/include/linux/sunrpc/gss_api.h @@ -22,6 +22,7 @@ struct gss_ctx { struct gss_api_mech *mech_type; void *internal_ctx_id; + unsigned int slack, align; }; #define GSS_C_NO_BUFFER ((struct xdr_netobj) 0) |