From nobody Fri Nov 15 13:00:55 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XqcZw1XVKz5d6xK; Fri, 15 Nov 2024 13:00:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XqcZv6Ytfz4pn3; Fri, 15 Nov 2024 13:00:55 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1731675655; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=yZYeu2fXkTrxLTPTlNy5e+YSqDoEEFuKKcNc9NeulOA=; b=izjTZcL4TUTcND1q6ZwOmUeKIsLBnVM+m0lkbDBseKN53YShnsFKeDRIygj5099R3zyMpE +jmRQQTulM0bVRgN9tXGKb3IVZDB+jKOTE2te99sdlmVAbuWBuUsg5ANheGfKp26vawWwK MvW9vXRIapwkFxc/PXvi5ith/lr4QOVsig0cQCzYAe0tQpiX/wP0xkBDWr+It3UxCiGQxK 9TrBI3SDl9afq1xsLlFiv4SJIk9yTAyoWLY5yqhClFZAFi+Zs9+yEnlN34JhL/r6SoS6Wm t6kafLIosBWTn1O78vuCFO6fQcFlRK4+eEryL7koy0HDzuAo0uNkvJ4XKqVcZA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1731675655; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=yZYeu2fXkTrxLTPTlNy5e+YSqDoEEFuKKcNc9NeulOA=; b=USsokt8P23sMKGmrwL8qvMArd0f6qHEezheEQwH2SVh2rFWkvzogsop71e3egaaZWFCWyz PknlWsr9yPE+UcDLybp2koePZYfazONFtVoC2HyiAj8PtuDGA8qHWGtG8QkmKuMCUimkr+ sKTS77kiqrm7uGL6W4BuZhUBx3Wz5+uBJ7lI8S77ZClyumnGiWSS3Wf/m8dlsKOD8Yw5Pp TEB+UTDqy+mKruzoVnwPugX7qunSVsB6HX130l6DR/RJK8XYml3ylMbay+rFhGrCdOQ+DC BlI4Psjoz9vyPJAHnM9z5BqwiET5tnH/Joz38AhMg9TYx8st/JL4PlWWfUsgVg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1731675655; a=rsa-sha256; cv=none; b=WH6lS9umRgBAHZYHapy2F7DvjLuGin5DHpLb5buiXhbCFjxsCnn5zBtx5SlytabnpqmvtQ Oyp8MkjsA7KgJWrBqXtcv7FpcsDlWz3fwE4ZE3Htp6IhrckMEWOHrTlLpGhR0tvO2v/UwU t2qZ7uERzGp06Lq3MCM8/qEMNZF6fzfB7yei8WRzjEDF/WKkRqDJ9UizhJceLAar+Vb4/0 0j7sHaQoOd1Jjf0lig0kG5+fBs82X9RQpTnOWbrGtfWnL+2hllRq9PhN+C66Ln5SevkR5f GssYOtL3Hc8YsZyCqmQVs4uVPjf861SF+jWX3TfTF1LTf4UJeE6uF/TtSoQnqg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4XqcZv69tqzNsC; Fri, 15 Nov 2024 13:00:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4AFD0tvA071436; Fri, 15 Nov 2024 13:00:55 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4AFD0tXX071433; Fri, 15 Nov 2024 13:00:55 GMT (envelope-from git) Date: Fri, 15 Nov 2024 13:00:55 GMT Message-Id: <202411151300.4AFD0tXX071433@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Olivier Certner Subject: git: e603cc72074a - stable/13 - cred: groupmember(): Remove tolerance for empty 'cr_groups' List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: e603cc72074a9ef9226f8e61c7e94a8e8141c322 Auto-Submitted: auto-generated The branch stable/13 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=e603cc72074a9ef9226f8e61c7e94a8e8141c322 commit e603cc72074a9ef9226f8e61c7e94a8e8141c322 Author: Olivier Certner AuthorDate: 2024-11-01 16:12:15 +0000 Commit: Olivier Certner CommitDate: 2024-11-15 12:59:10 +0000 cred: groupmember(): Remove tolerance for empty 'cr_groups' This tolerance had been introduced in commit caa309c8811d ("nfsd: Fix handling of credentials with cr_ngroups == 0", on 2024/10/21). Now that NFS has been modified in the previous commit (cfbe7a62dc62, "nfs, rpc: Ensure kernel credentials have at least one group") to rule out credentials with empty 'cr_groups' (and thus, no 'cr_gid'), remove it back. This basically reverts the above-mentioned commit except for the not directly related modifications it contains, which are still valid. Discussed with: rmacklem (by mail) Approved by: markj (mentor) MFC after: 3 days (cherry picked from commit 3f313682e030f1c99d9b223093e84d0a53a109af) Approved by: markj (mentor) --- sys/kern/kern_prot.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c index ddd45ef1357b..e62efb285698 100644 --- a/sys/kern/kern_prot.c +++ b/sys/kern/kern_prot.c @@ -1373,13 +1373,6 @@ int groupmember(gid_t gid, const struct ucred *cred) { - /* - * The nfsd server can use a credential with zero groups in it - * when certain mapped export credentials are specified via exports(5). - */ - if (cred->cr_ngroups == 0) - return (0); - groups_check_positive_len(cred->cr_ngroups); if (gid == cred->cr_groups[0])