From nobody Fri Nov 15 13:00:56 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XqcZx2Ln3z5d6pJ; Fri, 15 Nov 2024 13:00:57 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XqcZx0HRHz4pcH; Fri, 15 Nov 2024 13:00:57 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1731675657; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=NhAxr52l2ZUXsher3k48Pw51QmOT/XqZo958b87Lgfo=; b=v5NR6dPi4cKFqeSKgI6t6hNyyMP+pUvJS8DyF6LM2zk3B6wzUHJB4O0AM06DTjEimVVNad PsSL/dbK2gvQMi4AG799hKt7MKXSTeYV85tQoo4sLtUlR07XKOEnzXVNIvMfO9z1FluV41 zkTMmbmnpnuDnpNP+z7L0XxlI3WHtOeXz+GYoYoC8+2gV0lJokybJHF43LKTAH5qoXbvKB ofrbLHxT0319/O79Zm7Hm9QOpzVgrPYKTOmuopXT3P0mUgkwZ5E4c4gvrs7HAWgkDsc7Sv rt1RtWOTNtAxevQJz8PCyuzf239coobR+EI4s+g/1OlBDNgMlf6M/NXxJKscmg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1731675657; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=NhAxr52l2ZUXsher3k48Pw51QmOT/XqZo958b87Lgfo=; b=ZGeL+M4fjMDXHjRUlpEUknfdI62t2J+WR2ZojHuRuapDZ+IYTMKlk9qmCKvCBk69ogYGzu Flpxp+/0vLXbRn3J07kWu3E51gvWt7utwDS7uktCh+tfZ537It8T4wXOfPXXAoDOXrY3kS NcBGSgHliPUtRJhAzIgPUrNmmnEtZc5nEnAG7wCvMxLOM4UUcUKIFY9SUXJW4vHhEI57PX rLg0RjVJGNebqw/aX8C51oFlO1/myHnYSK21IurLFstAFXPhUQwzRjSp+qgqg0TdwTsKzF QRC3X7B2Ez8UWofoNC5ipqB+gQ1PrMMV9fkn3JFwS9XGd2cz4/UdbXLTS7X5qg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1731675657; a=rsa-sha256; cv=none; b=AJcPeawSN1c9bPXgog/WK/YUnsgh47i4Wypfc2V+8Wmt8zJ55BZhYQnAz23lmCgsI5FXFp cth3MYASXZmX1g5WJ0BHl+BCBGefdzts777G1lFmr81Cd7cZKbcCAO9lRuNTMH1iee6A1J OOcHMSkxj2iFNUK+BUbdoB8wQ6TQqk7y32M1TcWZVrfUXHE0A0vytSaPg3HLrcKEze0mB6 4RtL0LA3Pvzks4a0GfZO0xKJG+cqLbQIXJQu9Z3RD6YQNg4ktr4WO/kk7gqDrQn7CFeMTp 4IMekQ8mZFLakJgylp0HVVXG0Ro1b6z8X67yga6FrIwbOVPgUBZl3fmPJ7Dovg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4XqcZw71VLzPHv; Fri, 15 Nov 2024 13:00:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4AFD0uXI071493; Fri, 15 Nov 2024 13:00:56 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4AFD0u7X071490; Fri, 15 Nov 2024 13:00:56 GMT (envelope-from git) Date: Fri, 15 Nov 2024 13:00:56 GMT Message-Id: <202411151300.4AFD0u7X071490@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Olivier Certner Subject: git: 4bef138e8d91 - stable/13 - nfs: Fallback to GID_NOGROUP on no groups List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 4bef138e8d91cda4d26cb4f20c6f419908b0f7b6 Auto-Submitted: auto-generated The branch stable/13 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=4bef138e8d91cda4d26cb4f20c6f419908b0f7b6 commit 4bef138e8d91cda4d26cb4f20c6f419908b0f7b6 Author: Olivier Certner AuthorDate: 2024-11-03 10:26:37 +0000 Commit: Olivier Certner CommitDate: 2024-11-15 12:59:10 +0000 nfs: Fallback to GID_NOGROUP on no groups We cannot unconditionally access nfsd's VNET variables in 'sys/kern/vfs_export.c' nor 'sys/fs/nfsserver/nfs_nfsdsubs.c', as they may not have been compiled in depending on build options. So, forget about the extra mile of using the configured default group and use the hardcoded GID_NOGROUP (which differs only on systems running nfsuserd(8) and with a non-default GID for their "nogroup" group). Reported by: rpokala, bapt (MINIMAL compile breakup) Reported by: cy, David Wolfskill (panics caused by mountd(8)) Approved by: markj (mentor) Fixes: cfbe7a62dc62 ("nfs, rpc: Ensure kernel credentials have at least one group") (cherry picked from commit 5169d4307eb9c8b7bb0bd46d600012bcc12cbdae) --- sys/fs/nfs/nfs_commonport.c | 3 +-- sys/fs/nfs/nfs_commonsubs.c | 2 +- sys/kern/vfs_export.c | 9 +++------ 3 files changed, 5 insertions(+), 9 deletions(-) diff --git a/sys/fs/nfs/nfs_commonport.c b/sys/fs/nfs/nfs_commonport.c index 67dd8e14a22c..c84548b54fc1 100644 --- a/sys/fs/nfs/nfs_commonport.c +++ b/sys/fs/nfs/nfs_commonport.c @@ -75,7 +75,6 @@ NFSD_VNET_DEFINE(struct nfsstatsv1 *, nfsstatsv1_p); NFSD_VNET_DECLARE(struct nfssockreq, nfsrv_nfsuserdsock); NFSD_VNET_DECLARE(nfsuserd_state, nfsrv_nfsuserd); -NFSD_VNET_DECLARE(gid_t, nfsrv_defaultgid); int nfs_pnfsio(task_fn_t *, void *); @@ -261,7 +260,7 @@ newnfs_copycred(struct nfscred *nfscr, struct ucred *cr) ("newnfs_copycred: negative nfsc_ngroups")); cr->cr_uid = nfscr->nfsc_uid; crsetgroups_fallback(cr, nfscr->nfsc_ngroups, nfscr->nfsc_groups, - NFSD_VNET(nfsrv_defaultgid)); + GID_NOGROUP); } /* diff --git a/sys/fs/nfs/nfs_commonsubs.c b/sys/fs/nfs/nfs_commonsubs.c index cbac4ee85167..256342f146f0 100644 --- a/sys/fs/nfs/nfs_commonsubs.c +++ b/sys/fs/nfs/nfs_commonsubs.c @@ -3979,7 +3979,7 @@ nfssvc_idname(struct nfsd_idargs *nidp) cr = crget(); cr->cr_uid = cr->cr_ruid = cr->cr_svuid = nidp->nid_uid; crsetgroups_fallback(cr, nidp->nid_ngroup, grps, - NFSD_VNET(nfsrv_defaultgid)); + GID_NOGROUP); cr->cr_rgid = cr->cr_svgid = cr->cr_gid; cr->cr_prison = curthread->td_ucred->cr_prison; prison_hold(cr->cr_prison); diff --git a/sys/kern/vfs_export.c b/sys/kern/vfs_export.c index 6eb20c8ed3a9..f3c11541ceea 100644 --- a/sys/kern/vfs_export.c +++ b/sys/kern/vfs_export.c @@ -42,6 +42,7 @@ #include #include +#include #include #include #include @@ -63,10 +64,6 @@ #include #include -#include - -NFSD_VNET_DECLARE(gid_t, nfsrv_defaultgid); - static MALLOC_DEFINE(M_NETADDR, "export_host", "Export host address structure"); #if defined(INET) || defined(INET6) @@ -140,7 +137,7 @@ vfs_hang_addrlist(struct mount *mp, struct netexport *nep, np->netc_anon = crget(); np->netc_anon->cr_uid = argp->ex_uid; crsetgroups_fallback(np->netc_anon, argp->ex_ngroups, - argp->ex_groups, NFSD_VNET(nfsrv_defaultgid)); + argp->ex_groups, GID_NOGROUP); np->netc_anon->cr_prison = &prison0; prison_hold(np->netc_anon->cr_prison); np->netc_numsecflavors = argp->ex_numsecflavors; @@ -219,7 +216,7 @@ vfs_hang_addrlist(struct mount *mp, struct netexport *nep, np->netc_anon = crget(); np->netc_anon->cr_uid = argp->ex_uid; crsetgroups_fallback(np->netc_anon, argp->ex_ngroups, argp->ex_groups, - NFSD_VNET(nfsrv_defaultgid)); + GID_NOGROUP); np->netc_anon->cr_prison = &prison0; prison_hold(np->netc_anon->cr_prison); np->netc_numsecflavors = argp->ex_numsecflavors;