git: e603cc72074a - stable/13 - cred: groupmember(): Remove tolerance for empty 'cr_groups'

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=e603cc72074a9ef9226f8e61c7e94a8e8141c322

commit e603cc72074a9ef9226f8e61c7e94a8e8141c322
Author:     Olivier Certner <olce@FreeBSD.org>
AuthorDate: 2024-11-01 16:12:15 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2024-11-15 12:59:10 +0000

    cred: groupmember(): Remove tolerance for empty 'cr_groups'
    
    This tolerance had been introduced in commit caa309c8811d ("nfsd: Fix
    handling of credentials with cr_ngroups == 0", on 2024/10/21).
    
    Now that NFS has been modified in the previous commit (cfbe7a62dc62,
    "nfs, rpc: Ensure kernel credentials have at least one group") to rule
    out credentials with empty 'cr_groups' (and thus, no 'cr_gid'), remove
    it back.
    
    This basically reverts the above-mentioned commit except for the not
    directly related modifications it contains, which are still valid.
    
    Discussed with: rmacklem (by mail)
    Approved by:    markj (mentor)
    MFC after:      3 days
    
    (cherry picked from commit 3f313682e030f1c99d9b223093e84d0a53a109af)
    
    Approved by:    markj (mentor)
---
 sys/kern/kern_prot.c | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index ddd45ef1357b..e62efb285698 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -1373,13 +1373,6 @@ int
 groupmember(gid_t gid, const struct ucred *cred)
 {
 
-	/*
-	 * The nfsd server can use a credential with zero groups in it
-	 * when certain mapped export credentials are specified via exports(5).
-	 */
-	if (cred->cr_ngroups == 0)
-		return (0);
-
 	groups_check_positive_len(cred->cr_ngroups);
 
 	if (gid == cred->cr_groups[0])