- usr/src/uts/common/rpc/sec/auth_kern.c (Diff revision 1) It looks like this is excessive. startpos is always zero here. Isn't it?
AUTH_SYS and AUTH_LOOPBACK marshalling fixes in the kernel RPC client code (8106, 8109)
Review Request #447 — Created April 27, 2017 and submitted
Information | |
---|---|
marcel | |
illumos-gate | |
master | |
8106, 8109 | |
905c868... | |
Reviewers | |
general | |
This fixes two bugs in the kernel AUTH_SYS and AUTH_LOOPBACK marshalling code. Only the RPC client side is affected.

Bug #8106 addresses a case when the authloopback_marshal() function can generate too big authentication data in the output stream. Such a stream violates RFC 5531 and should not be accepted by any conforming RPC server. With the fix the oversized auth data are not generated and the authloopback_marshal() function fails.

In #8109 the kernel AUTH_SYS and AUTH_LOOPBACK implementation can ignore provided credentials in some special cases and use credentials of the current thread instead. This can cause the RPC operation failure due to authentication issues for kernel RPC clients. Fortunately, I didn't find any code path that might trigger this issue, but I must admit that I didn't try very hard.
Testing using the module.c file attached to bug #8106:

Without the fix:

    Apr 26 16:00:37 t4 module: [ID 378104 kern.info] NOTICE: AUTH_LOOPBACK, 70 groups, xdrmem success: 000055de 00000190
    Apr 26 16:00:37 t4 module: [ID 618828 kern.info] NOTICE: AUTH_LOOPBACK, 70 groups, xdrmblk success: 000055de 000000a4
    Apr 26 16:00:37 t4 module: [ID 633239 kern.info] NOTICE: AUTH_LOOPBACK, 80 groups, xdrmem success: 000055de 000001b8
    Apr 26 16:00:37 t4 module: [ID 767423 kern.info] NOTICE: AUTH_LOOPBACK, 80 groups, xdrmblk success: 000055de 000000a4
    Apr 26 16:00:37 t4 module: [ID 398392 kern.info] NOTICE: AUTH_SYS, 80 groups, xdrmem success: 00000001 000000b8
    Apr 26 16:00:37 t4 module: [ID 301671 kern.info] NOTICE: AUTH_SYS, 80 groups, xdrmblk success: 00000001 000000a4

With the fix:

    Apr 27 16:12:54 openindiana module: [ID 378104 kern.info] NOTICE: AUTH_LOOPBACK, 70 groups, xdrmem success: 000055de 00000190
    Apr 27 16:12:54 openindiana module: [ID 618828 kern.info] NOTICE: AUTH_LOOPBACK, 70 groups, xdrmblk success: 000055de 00000190
    Apr 27 16:12:54 openindiana module: [ID 983455 kern.info] NOTICE: AUTH_LOOPBACK, 80 groups, xdrmem FAILED
    Apr 27 16:12:54 openindiana module: [ID 575630 kern.info] NOTICE: AUTH_LOOPBACK, 80 groups, xdrmblk FAILED
    Apr 27 16:12:54 openindiana module: [ID 398392 kern.info] NOTICE: AUTH_SYS, 80 groups, xdrmem success: 00000001 000000b8
    Apr 27 16:12:54 openindiana module: [ID 301671 kern.info] NOTICE: AUTH_SYS, 80 groups, xdrmblk success: 00000001 000000b8

I also tested the basic NFS functionality to make sure there is no regression introduced by this fix.
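The size check behind #8106, as an added user-space example that is not part of this review request or of the illumos code: it computes the XDR body length of an AUTH_SYS-style credential and refuses to marshal when the body would exceed the 400-byte opaque_auth limit of RFC 5531. The function names, the CRED_NFIELDS constant and the zero stamp are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_AUTH_BYTES 400u         /* RFC 5531: opaque body<400> */
#define AUTH_LOOPBACK_FLAVOR 21982u /* 0x55de, the flavor word in the logs */
#define CRED_NFIELDS 5u /* stamp, name length, uid, gid, group count */
#define RNDUP4(n) (((n) + 3u) & ~(size_t)3u)

/* XDR body length of an AUTH_SYS-style credential (hypothetical helper). */
size_t cred_body_len(size_t namelen, size_t ngroups)
{
    return CRED_NFIELDS * 4u + RNDUP4(namelen) + ngroups * 4u;
}

static uint8_t *put32(uint8_t *p, uint32_t v) /* big-endian XDR word */
{
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
    return p + 4;
}

/*
 * Write flavor, body length and body to out. Returns the bytes written,
 * or 0 (nothing written) when the body would exceed MAX_AUTH_BYTES or
 * out is too small.
 */
size_t cred_marshal(uint8_t *out, size_t outlen, uint32_t flavor,
    const char *name, uint32_t uid, uint32_t gid,
    const uint32_t *gids, size_t ngroups)
{
    size_t namelen = strlen(name), body;
    uint8_t *p = out;

    if (namelen > MAX_AUTH_BYTES || ngroups > MAX_AUTH_BYTES / 4u)
        return 0; /* early reject; also keeps the length sum from overflowing */
    body = cred_body_len(namelen, ngroups);
    if (body > MAX_AUTH_BYTES || outlen < body + 8u)
        return 0;
    p = put32(put32(p, flavor), (uint32_t)body);
    p = put32(put32(p, 0), (uint32_t)namelen); /* stamp (0 here), name length */
    memset(p, 0, RNDUP4(namelen));             /* zero the padding first */
    memcpy(p, name, namelen);
    p += RNDUP4(namelen);
    p = put32(put32(put32(p, uid), gid), (uint32_t)ngroups);
    for (size_t i = 0; i < ngroups; i++)
        p = put32(p, gids[i]);
    return (size_t)(p - out);
}
```

With a constructed 100-byte machine name, cred_body_len() gives 0x190 for 70 groups and 0x1b8 for 80 groups, the same lengths that appear in the log lines above; the second exceeds 400 bytes and is rejected.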
- usr/src/uts/common/rpc/sec/auth_kern.c (Diff revision 1) Note to myself: If I update this change I should add an assert here that we are encoding. Something like ASSERT(xdrs->x_op == XDR_ENCODE).
- usr/src/uts/common/rpc/sec/auth_loopb.c (Diff revision 1) Note to myself: If I update this change I should add an assert here that we are encoding. Something like ASSERT(xdrs->x_op == XDR_ENCODE).
Change Summary:
Added ASSERT(xdrs->x_op == XDR_ENCODE).
Diff: Revision 2 (+155 -82)
- usr/src/uts/common/rpc/sec/auth_kern.c (Diff revision 2) perhaps it is better to #define the name for the constant? NFIELDS or something...
- usr/src/uts/common/rpc/sec/auth_kern.c (Diff revision 2) it will help the reader to use (rounded_namelen - namelen) > 0 - of course it is just minor nit:)
Change Summary:
Feedback from Toomas.
Diff: Revision 3 (+157 -82)
Status: Closed (submitted)
Change Summary:
commit 6dd72a43d2e43185833c20e7f0c4cb88a4d37ec8
Author: Marcel Telka <marcel@telka.sk>
AuthorDate: Wed May 24 07:32:14 2017 +0200
Commit: Dan McDonald <danmcd@joyent.com>
CommitDate: Tue Jun 13 10:37:46 2017 -0400

    8106 authloopback_marshal() can violate the RPC specification
    8109 Kernel AUTH_SYS and AUTH_LOOPBACK implementation can ignore provided credentials
    Reviewed by: Toomas Soome <tsoome@me.com>
    Reviewed by: Jason King <jason.brian.king+illumos@gmail.com>
    Approved by: Dan McDonald <danmcd@joyent.com>

:100644 100644 5f163d2... ef66402... M usr/src/uts/common/rpc/auth_sys.h
:100644 100644 e045c1c... 2c3286d... M usr/src/uts/common/rpc/sec/auth_kern.c
:100644 100644 8e4e452... ab53181... M usr/src/uts/common/rpc/sec/auth_loopb.c
:100644 100644 dbc719e... 8b0bf90... M usr/src/uts/common/rpc/sec/authu_prot.c