SUNRPC: Convert svcauth_unix_accept() to use xdr_stream

Done as part of hardening the server-side RPC header decoding path. Since the server-side of the Linux kernel SunRPC implementation ignores the contents of the Call's machinename field, there's no need for its RPC_AUTH_UNIX authenticator to reject names that are larger than UNX_MAXNODENAME. Reviewed-by: Jeff Layton <jlayton@kernel.org> Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
author: Chuck Lever <chuck.lever@oracle.com> 2023-01-02 20:05:56 +0300
committer: Chuck Lever <chuck.lever@oracle.com> 2023-02-20 17:20:11 +0300
commit: 6181b0c6432bf0807512e85e0c5863f7aca8e515 (patch)
tree: 379ea03d1b92d988b0bb4dd774d1b91c488ecab6 /include/linux/sunrpc
parent: bee13639c0940abdea4dcaaf7f9bc0b88a68322b (diff)
download: linux-6181b0c6432bf0807512e85e0c5863f7aca8e515.tar.xz
1 files changed, 5 insertions, 0 deletions
diff --git a/include/linux/sunrpc/msg_prot.h b/include/linux/sunrpc/msg_prot.h
index 02117ed0fa2e..c4b0eb2b2f04 100644
--- a/include/linux/sunrpc/msg_prot.h
+++ b/include/linux/sunrpc/msg_prot.h
@@ -34,6 +34,11 @@ enum rpc_auth_flavors {
 	RPC_AUTH_GSS_SPKMP = 390011,
 };
 
+/* Maximum size (in octets) of the machinename in an AUTH_UNIX
+ * credential (per RFC 5531 Appendix A)
+ */
+#define RPC_MAX_MACHINENAME	(255)
+
 /* Maximum size (in bytes) of an rpc credential or verifier */
 #define RPC_MAX_AUTH_SIZE (400)
author	Chuck Lever <chuck.lever@oracle.com>	2023-01-02 20:05:56 +0300
committer	Chuck Lever <chuck.lever@oracle.com>	2023-02-20 17:20:11 +0300
commit	6181b0c6432bf0807512e85e0c5863f7aca8e515 (patch)
tree	379ea03d1b92d988b0bb4dd774d1b91c488ecab6 /include/linux/sunrpc
parent	bee13639c0940abdea4dcaaf7f9bc0b88a68322b (diff)
download	linux-6181b0c6432bf0807512e85e0c5863f7aca8e515.tar.xz