On Thu, Feb 07, 2013 at 09:51:39AM -0500, Jeff Layton wrote: > This patchset is a respin of the ones that Bruce has not yet committed > of my DRC overhaul. The main difference is the first patch, which adds a > routine to strip the trailing checksum off of decrypted or > integrity-verified buffer. > > I've tested both the client and server with different krb5 flavors (and > using both the v1 and v2 codepaths) and it seems to work fine with those > checksum blobs stripped off. > > I think we should consider this for 3.9 since XID collisions are a lot > more likely now with the new DRC code in place. Looks good--applying for 3.9 absent any objections. --b. > > Jeff Layton (2): > sunrpc: trim off trailing checksum before returning decrypted or > integrity authenticated buffer > nfsd: keep a checksum of the first 256 bytes of request > > fs/nfsd/cache.h | 5 ++++ > fs/nfsd/nfscache.c | 53 ++++++++++++++++++++++++++++++++++--- > include/linux/sunrpc/xdr.h | 1 + > net/sunrpc/auth_gss/gss_krb5_wrap.c | 2 ++ > net/sunrpc/auth_gss/svcauth_gss.c | 10 +++++-- > net/sunrpc/xdr.c | 42 +++++++++++++++++++++++++++++ > 6 files changed, 107 insertions(+), 6 deletions(-) > > -- > 1.7.11.7 > > -- > To unsubscribe from this list: send the line "unsubscribe linux-nfs" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
