Hello,
People in linux-nfs seem happy with this patch set. I'm looking for
comments from VFS and s390 maintainers.
Thanks,
trbecker
---------- Forwarded message ----------
Date: Tue, 5 Dec 2017 12:05:09 -0200
From: Thiago Rafael Becker <thiago.becker@xxxxxxxxx>
To: bfields@xxxxxxxxxxxx, neilb@xxxxxxxx
Cc: linux-nfs@xxxxxxxxxxxxxxx, linux-fsdevel@xxxxxxxxxxxxxxx,
linux-kernel@xxxxxxxxxxxxxxx, Thiago Rafael Becker <thiago.becker@xxxxxxxxx>
Subject: [PATCH 0/3 v3] Move groups_sort outisde of set_groups
In cases where group_info is cached (e.g. sunrpc), multiplpe
threads may call set_groups with a freshly created group_info
cache (e.g. nfsd), and attempt to sort them simultaneously,
which configures a race condition that can overwrite some
groups in the cache and lead to errors. In the case of nfsd,
the client was receiving EPERM if the group used to provide
authorization was overwritten by this race condition.
In an email exchange with bfields, we agreed that it seems
unintuitive that the groups are sorted on set_groups, and that
it would be better to move the responsibility of sorting to
the caller of set_groups.
These patches:
- Export groups_sort in include/linux/cred.h
- Add a call to groups_sort after the groups are inserted in
group_info
- Remove the call to sort_groups from set_groups
Thiago Rafael Becker (3):
kernel: make groups_sort globally visible
kernel: Move groups_sort to the caller of set_groups.
kernel: set_groups doesn't call groups_sort anymore.
include/linux/cred.h | 1 +
kernel/groups.c | 6 ++++--
kernel/uid16.c | 1 +
net/sunrpc/svcauth_unix.c | 7 +++++++
4 files changed, 13 insertions(+), 2 deletions(-)
--
2.9.5
