From nobody Fri Nov 15 13:00:58 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XqcZy4C5wz5d76g; Fri, 15 Nov 2024 13:00:58 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XqcZy1TJwz4pqX; Fri, 15 Nov 2024 13:00:58 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1731675658; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Nw/MtC0pIaCWRALkSlUvUiKoKvYqqe/vMEFOmG6nR5I=; b=f0K7OOJidbPPP88WPYT6NUkdNmL+/rRCd4uVe+Zmj7+DGEkFsq6ITHaRzcUsz1mty8A1dC N3wXNmco/kRp+YUK2jjwJk8OePzxbw3t3F1QKmXBjKOICqux8+z1zwBTrKmTVGM6XGhiDS 9twtMyEiASBrjnDEzRlT05dZP0rr4wWPI2aD6hyqjKpQgzxbYiCBovyKNd6Yfm2eKcj8mF 27aB5LZkoFmpoXQPnFAP+VriNoQ5KfMY3OgRz9NnNzFEZefbyhUpFjLV1IbINXlP11NW+5 KRxZdXIDFGCytgZMiYm+RNhLxaxuB1frvwyGH0AObBljSSIpSqcEf1dlkNNdtQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1731675658; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Nw/MtC0pIaCWRALkSlUvUiKoKvYqqe/vMEFOmG6nR5I=; b=XMPFhR6bx+mCt0d2Otpk1M+2COCszNsgZ4/tbvRwRocl30RpLmDlAhUxQq5xCzScqSbMDt fRw2TZdymRdZnt3zRzfSSgjcyrkD+qpvLKslR/DLSEiYJHNY9KljVrTiVy0kl5bxsQp0Ek 5PK86nd9PP3VCBYIEd6+gArAnmoRG3ywy3cz8JYh3RiirjS+GsI6jQMydDMgG6jO/e+T0m DNKWYJtiZMdPiV9hgvYMFOfhf+Oc7TKkz9kV2L8W2SjZSsQ9SjD2nJafDSkKE0yytjPLhc SBXnAfzjgiy90yaH82/RRBSEuXSP9OHxFHnphXsUXy5tKxknIXB5d002wPxzZQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1731675658; a=rsa-sha256; cv=none; b=eIQUONAh/OA9KX7PfCgEfaKdnzQac4OLCIQl881hQPNgt/Ihtelssos0z68eJgB/dylxWv tpKXCyM2E8tFJ3k/jkyvstC4mcpx9oqBnEhyP4Jwp64RXiXPNgaz2geeeYOQs6uTKVEsnQ 5LmEm0CkQZcsEmZIKbQbJ8pES3HCEsPQVq5Il3q43gHZC9hBpBGefiviHxEcmske9altZ3 gn4iOMQurKZpVbcjXOGDvkPBjZIU8GMdNgTnLAWBRpvxuO59q/vlSZWvkSyXhc2nR133d4 4mBqrdWVM/iGDkVVfDaHsd8LliSrtWFERAKcumwhxTgY5DSeNjvyCV/KItjN1Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4XqcZy0dGBzP63; Fri, 15 Nov 2024 13:00:58 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4AFD0wAg071545; Fri, 15 Nov 2024 13:00:58 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4AFD0woV071542; Fri, 15 Nov 2024 13:00:58 GMT (envelope-from git) Date: Fri, 15 Nov 2024 13:00:58 GMT Message-Id: <202411151300.4AFD0woV071542@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Olivier Certner Subject: git: dcf34d8a828a - stable/13 - cred: crsetgroups(): Throw away old groups before crextend() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: dcf34d8a828aa2a369a2b738192180b8402ca319 Auto-Submitted: auto-generated The branch stable/13 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=dcf34d8a828aa2a369a2b738192180b8402ca319 commit dcf34d8a828aa2a369a2b738192180b8402ca319 Author: Olivier Certner AuthorDate: 2024-11-03 18:04:02 +0000 Commit: Olivier Certner CommitDate: 2024-11-15 12:59:10 +0000 cred: crsetgroups(): Throw away old groups before crextend() Now that crextend() asserts that groups are not set (rightfully so, since it may change the backing storage without copying the content of the old one), have crsetgroups() throw away the old groups before calling it, as it installs an entirely new set anyway. This allows to reuse unshared credentials by resetting their groups set, as NFS exports actually do. Reported by: cy Tested by: cy Fixes: ea26c0e79752 ("cred: crextend(): Harden, simplify") Pointy hat to: olce While here, as I forgot these credits in commit 5169d4307eb9 ("nfs: Fallback to GID_NOGROUP on no groups"): Tested by: cy, David Wolfskill (panics caused by mountd(8)) Tested by: kib (MINIMAL/custom kernel compile breakup) (cherry picked from commit 169a10853a50f9bbb037492e6f2737cce10f6b99) Approved by: markj (mentor) --- sys/kern/kern_prot.c | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c index e62efb285698..482472025fdd 100644 --- a/sys/kern/kern_prot.c +++ b/sys/kern/kern_prot.c @@ -2215,16 +2215,14 @@ void crcopy(struct ucred *dest, struct ucred *src) { + /* + * Ideally, 'cr_ngroups' should be moved out of 'struct ucred''s bcopied + * area, but this would break the ABI, so is deferred until there is + * a compelling need to change it. + */ bcopy(&src->cr_startcopy, &dest->cr_startcopy, (unsigned)((caddr_t)&src->cr_endcopy - (caddr_t)&src->cr_startcopy)); - /* - * Avoids an assertion in crsetgroups() -> crextend(). Ideally, - * 'cr_ngroups' should be moved out of 'struct ucred''s bcopied area, - * but this would break the ABI, so is deferred until there is a real - * need to change the ABI. - */ - dest->cr_ngroups = 0; crsetgroups(dest, src->cr_ngroups, src->cr_groups); uihold(dest->cr_uidinfo); uihold(dest->cr_ruidinfo); @@ -2483,6 +2481,13 @@ crsetgroups(struct ucred *cr, int ngrp, const gid_t *groups) if (ngrp > ngroups_max + 1) ngrp = ngroups_max + 1; + /* + * crextend() asserts that groups are not set, as it may allocate a new + * backing storage without copying the content of the old one. Since we + * are going to install a completely new set anyway, signal that we + * consider the old ones thrown away. + */ + cr->cr_ngroups = 0; crextend(cr, ngrp); crsetgroups_internal(cr, ngrp, groups); groups_normalize(&cr->cr_ngroups, cr->cr_groups);