From nobody Fri Nov 15 10:49:06 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XqYfq5GFBz5d07S; Fri, 15 Nov 2024 10:49:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XqYfq1NK7z4Wwn; Fri, 15 Nov 2024 10:49:07 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1731667747; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cms8tnsOxLLYsz84NdMJW8EifNHcNly5ILpRHwyDdQ0=; b=HNp9hmpYLAoPWQuEfchpK2wXyV96iGtL9tsWlLi6KVUFNbhg2Vaoa8Sqzf+e9IGiFxsak6 W6DhKBOMiUgKkJhZMAwsYaXLT8kMiB1pfr/3j0LyFvNPqIGVD85WLsbVRvczBbOuFVe4ZF 5Z9wvBap0/WSOLJHb0mIM2VpLvWE8fPmq3qD6qELdz6YTBLd0o+/9/fvF6mQasPZ6yeZ6r uvEoQNiU25dLW0Fu3y8Fl65OpZZA4lRN1pEhjdB3W8moxxvFYpMDVSS/GcbaY3gBV3H6zj HuiK3SQwSQPB8/7sOFkddB2S+B+zh/DDeNxGA/JOVGx+w+sNuOZYBIk81th0Vg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1731667747; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cms8tnsOxLLYsz84NdMJW8EifNHcNly5ILpRHwyDdQ0=; b=YNLgMsrV0MdLy2xQOt+ko0G66hub/MP6x92yEjawnLNi8UAugpK3YtGZeVqZ7JMGlz+ddI UKgZaN1sMUdQy7NEQZCzcos6VHLxr4KRmppr6lRjgl+D+GJ4YMjEpKXKuyGf3pUtHafZDl zcDPHeHZH2/MDMpsTk5NIy25cfGFJ5RZnUdOlH2mdoXrTDXvvFwvGujcY5Xf9Q1h+HORt7 b2gpjbk7y0HV6R1CRP5w6YTnE5dFBgqGBLY2xTT7mDO0IdqyhZAJGdTYanz7H2nb394wK+ v/QjME7kim6GfhhPJVAkHdZ6Mg8jy/govarDf4M6xzFF82eWNcmC6QyKNMJwOg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1731667747; a=rsa-sha256; cv=none; b=DfJd2dSgzdXe9NiWu5qm6sOTybU5gH7Z3UlVm9WjQkCAHBBggULxdRxXtlCKsR7E4M3t8Q pif2XGwYawhggL2NKSiSJuryxljjCvdWk208aTCil5m0UW1gXAMHDWugui8xWUmHTCHH2V f4t2LuSjv83QcRb1c325c/xGayFcyoXbsfsuh0JWeUfrnEGCEpThe/wS4hhdjFtXZYkyuF E13lznchZjkZ0fPBxLSvpiSWsCRgXTgqxt7JTzFJedB7+X1u6pRespE+/MpE0GaWTzPqZY uMlvu4esrp/CRmUuq0IamAXFIPaPGonrxI7wuTQfqRpL/crTqNIAV1mxdLH0AA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4XqYfq04J7zKlJ; Fri, 15 Nov 2024 10:49:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4AFAn66S018406; Fri, 15 Nov 2024 10:49:06 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4AFAn6i9018403; Fri, 15 Nov 2024 10:49:06 GMT (envelope-from git) Date: Fri, 15 Nov 2024 10:49:06 GMT Message-Id: <202411151049.4AFAn6i9018403@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Olivier Certner Subject: git: 9ee0b40e4a51 - stable/14 - cred: crsetgroups(): Throw away old groups before crextend() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 9ee0b40e4a5198bd6e17c0d7b4251f5fc9d59add Auto-Submitted: auto-generated The branch stable/14 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=9ee0b40e4a5198bd6e17c0d7b4251f5fc9d59add commit 9ee0b40e4a5198bd6e17c0d7b4251f5fc9d59add Author: Olivier Certner AuthorDate: 2024-11-03 18:04:02 +0000 Commit: Olivier Certner CommitDate: 2024-11-15 10:47:43 +0000 cred: crsetgroups(): Throw away old groups before crextend() Now that crextend() asserts that groups are not set (rightfully so, since it may change the backing storage without copying the content of the old one), have crsetgroups() throw away the old groups before calling it, as it installs an entirely new set anyway. This allows to reuse unshared credentials by resetting their groups set, as NFS exports actually do. Reported by: cy Tested by: cy Fixes: ea26c0e79752 ("cred: crextend(): Harden, simplify") Pointy hat to: olce While here, as I forgot these credits in commit 5169d4307eb9 ("nfs: Fallback to GID_NOGROUP on no groups"): Tested by: cy, David Wolfskill (panics caused by mountd(8)) Tested by: kib (MINIMAL/custom kernel compile breakup) (cherry picked from commit 169a10853a50f9bbb037492e6f2737cce10f6b99) Approved by: markj (mentor) --- sys/kern/kern_prot.c | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c index 60452ddb6a48..85c38c474df5 100644 --- a/sys/kern/kern_prot.c +++ b/sys/kern/kern_prot.c @@ -2217,16 +2217,14 @@ void crcopy(struct ucred *dest, struct ucred *src) { + /* + * Ideally, 'cr_ngroups' should be moved out of 'struct ucred''s bcopied + * area, but this would break the ABI, so is deferred until there is + * a compelling need to change it. + */ bcopy(&src->cr_startcopy, &dest->cr_startcopy, (unsigned)((caddr_t)&src->cr_endcopy - (caddr_t)&src->cr_startcopy)); - /* - * Avoids an assertion in crsetgroups() -> crextend(). Ideally, - * 'cr_ngroups' should be moved out of 'struct ucred''s bcopied area, - * but this would break the ABI, so is deferred until there is a real - * need to change the ABI. - */ - dest->cr_ngroups = 0; dest->cr_flags = src->cr_flags; crsetgroups(dest, src->cr_ngroups, src->cr_groups); uihold(dest->cr_uidinfo); @@ -2486,6 +2484,13 @@ crsetgroups(struct ucred *cr, int ngrp, const gid_t *groups) if (ngrp > ngroups_max + 1) ngrp = ngroups_max + 1; + /* + * crextend() asserts that groups are not set, as it may allocate a new + * backing storage without copying the content of the old one. Since we + * are going to install a completely new set anyway, signal that we + * consider the old ones thrown away. + */ + cr->cr_ngroups = 0; crextend(cr, ngrp); crsetgroups_internal(cr, ngrp, groups); groups_normalize(&cr->cr_ngroups, cr->cr_groups);