From nobody Tue Jan  2 01:22:22 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4T3w7f6BCTz5645q;
	Tue,  2 Jan 2024 01:22:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4T3w7f5M7hz4DbF;
	Tue,  2 Jan 2024 01:22:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1704158542;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=x1upFqhGpQRX7NVi5CfB6uielNg34SA3qB4uUP77KME=;
	b=gw5nt2Fhp2niOq0PaNXL7DeX+JB6itaY7Pqke6C7g1lF+suC+13Ytf47P/wgeSNzn6hriG
	vUkiDYWWnDYkfjY7pM8mx/FqeYVaJTKhTV1BmkcdzUdfaaQ1qwN6t3posBF7TVS80xxUPR
	Wx7N0w6QE3RB/HCBjzk9toJLqgWmEANzR9+DTBkKTGwKimY2fTlxqILn5Oyhvi1bZFKIrI
	OsBejKgJ+I8jUSr/gKOldLitflOHVgZt/efV5WoDCmYn8rJiAf6d3hInam/ZlVP6l5EQjp
	dO6ewJD38UixdSTmv9Ux0+V3BTT2ACJEnGjXqleysSnRWPAD1FwCFpdQQZ8cxw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1704158542; a=rsa-sha256; cv=none;
	b=kDABG7acckMFNrajXvEV2/WfRrQkDuer/LxsX8nuYxjrAAfkSFyB2nOoN1c1nHbmIabpoU
	/Fdng9yKBdwMUs9q6QT/Veq9N8cKJ+azmc+5GdzDFRs54xz3ma1TIQ+16pC6gnZPGkQjsv
	h9wzEbRWFEbN2kkdc67o6p9Ruf89a1iuudllHsGNVWYeWHdd08uoIOH2l7l7JU/U9Z+WlN
	FLwvBmaf8z7SOBCbmvTpADWLuOnqFRnvwbSwxJvPnoQrkdcBzV8Wopdbcc3EpdjuDZOJUk
	rwT+M96bShJmCqJjiUY5JxX8A4JQAgGZWJ32QbSoTfB9p+eyz8HoZT14cPVj6w==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1704158542;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=x1upFqhGpQRX7NVi5CfB6uielNg34SA3qB4uUP77KME=;
	b=DpGiO8seSNBDh+1pmcxf4AHGg72iIYL0qvy+ByVJAUiKhwfpR7lcqPmXrA5ihsskov1d1K
	lU1dP/Nc/7pbAyKWLfsvbCt9oxGSu0v69lL+Ss5GlQd2iP6OLLIp8/Zc6cABi0XRGD/605
	zW/zzn9roLDu3sxwOv2nhf6B37sjcJi2sNjH8U7XvzDNR7eL/d/2EROUykD2IhIGBSJQr7
	ShrDB9bnsDJOh48nuWlNibegMqz9pmlUY5iUljqaYu4Yi2LPR4eF9sAUdcSmYFPW/vA1JC
	YkmhtsYbWM++/gU76WXGmFO5glCQ+WhOoEPHyvMk5FEgeuiUPKO21hpnt3Wwkw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4T3w7f46FQzh6S;
	Tue,  2 Jan 2024 01:22:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 4021MMt6072603;
	Tue, 2 Jan 2024 01:22:22 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 4021MMip072600;
	Tue, 2 Jan 2024 01:22:22 GMT
	(envelope-from git)
Date: Tue, 2 Jan 2024 01:22:22 GMT
Message-Id: <202401020122.4021MMip072600@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Rick Macklem <rmacklem@FreeBSD.org>
Subject: git: dabf1797a76a - stable/14 - nfscl: Fix handling of
  expired Kerberos credentials (NFSv4.1/4.2)
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: rmacklem
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: dabf1797a76a7c87b8f38fb300fb03f20cf6f973
Auto-Submitted: auto-generated

The branch stable/14 has been updated by rmacklem:

URL: https://cgit.FreeBSD.org/src/commit/?id=dabf1797a76a7c87b8f38fb300fb03f20cf6f973

commit dabf1797a76a7c87b8f38fb300fb03f20cf6f973
Author:     Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2023-12-26 22:33:39 +0000
Commit:     Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2024-01-02 01:20:17 +0000

    nfscl: Fix handling of expired Kerberos credentials (NFSv4.1/4.2)
    
    If the NFS server detects that the Kerberos credentials provided
    by a NFSv4.1/4.2 mount using sec=krb5[ip] have expired, the NFS
    server replies with a krpc layer error of RPC_AUTHERROR.
    When this happened, the client erroneously left the NFSv4.1/4.2
    session slot busy, so that it could not be used by other RPCs.
    If this happened for all session slots, the mount point would
    hang.
    
    This patch fixes the problem by releasing the session slot
    and resetting its sequence# upon receiving a RPC_AUTHERROR
    reply.
    
    This bug only affects NFSv4.1/4.2 mounts using sec=krb5[ip],
    but has existed since NFSv4.1 client support was added to
    FreeBSD.
    
    So, why has the bug remained undetected for so long?
    I cannot be sure, but I suspect that, often, the client detected
    the Kerberos credential expiration before attempting the RPC.
    For this case, the client would not do the RPC and, as such,
    there would be no busy session slot.  Also, no hang would
    occur until all session slots are busied (64 for a FreeBSD
    client/server), so many cases of the bug probably went undetected?
    Also, use of sec=krb5[ip] mounts are not that common.
    
    PR:     275905
    
    (cherry picked from commit a558130881e9d574dc5f37827fe2284667d5aba8)
---
 sys/fs/nfs/nfs_commonkrpc.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/sys/fs/nfs/nfs_commonkrpc.c b/sys/fs/nfs/nfs_commonkrpc.c
index 7ca150d4f54c..e5c658ce76d2 100644
--- a/sys/fs/nfs/nfs_commonkrpc.c
+++ b/sys/fs/nfs/nfs_commonkrpc.c
@@ -1047,6 +1047,22 @@ tryagain:
 			NFSINCRGLOBAL(nfsstatsv1.rpcinvalid);
 			error = ENXIO;
 		}
+	} else if (stat == RPC_AUTHERROR) {
+		/* Check for a session slot that needs to be free'd. */
+		if ((nd->nd_flag & (ND_NFSV41 | ND_HASSLOTID)) ==
+		    (ND_NFSV41 | ND_HASSLOTID) && nmp != NULL &&
+		    nd->nd_procnum != NFSPROC_NULL) {
+			/*
+			 * This can occur when a Kerberos/RPCSEC_GSS session
+			 * expires, due to TGT expiration.
+			 * Free the slot, resetting the slot's sequence#.
+			 */
+			if (sep == NULL)
+				sep = nfsmnt_mdssession(nmp);
+			nfsv4_freeslot(sep, nd->nd_slotid, true);
+		}
+		NFSINCRGLOBAL(nfsstatsv1.rpcinvalid);
+		error = EACCES;
 	} else {
 		NFSINCRGLOBAL(nfsstatsv1.rpcinvalid);
 		error = EACCES;