kernel: make groups_sort calling a responsibility group_info allocators

In testing, we found that nfsd threads may call set_groups in parallel for the same entry cached in auth.unix.gid, racing in the call of groups_sort, corrupting the groups for that entry and leading to permission denials for the client. This patch: - Make groups_sort globally visible. - Move the call to groups_sort to the modifiers of group_info - Remove the call to groups_sort from set_groups Link: http://lkml.kernel.org/r/20171211151420.18655-1-thiago.becker@gmail.com Signed-off-by: Thiago Rafael Becker <thiago.becker@gmail.com> Reviewed-by: Matthew Wilcox <mawilcox@microsoft.com> Reviewed-by: NeilBrown <neilb@suse.com> Acked-by: "J. Bruce Fields" <bfields@fieldses.org> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Martin Schwidefsky <schwidefsky@de.ibm.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
author: Thiago Rafael Becker <thiago.becker@gmail.com> 2017-12-14 18:33:12 -0500
committer: Linus Torvalds <torvalds@linux-foundation.org> 2017-12-14 19:00:49 -0500
commit: bdcf0a423ea1c40bbb40e7ee483b50fc8aa3d758 (patch)
tree: 942b1b8fa9b1e52503d5f9894d43674255813566 /kernel/groups.c
parent: 1f704fd0d14043e76e80f6b8b2251b9b2cedcca6 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/kernel/groups.c b/kernel/groups.c
index e357bc800111..daae2f2dc6d4 100644
--- a/kernel/groups.c
+++ b/kernel/groups.c
@@ -86,11 +86,12 @@ static int gid_cmp(const void *_a, const void *_b)
        return gid_gt(a, b) - gid_lt(a, b);
 }
-static void groups_sort(struct group_info *group_info)
+void groups_sort(struct group_info *group_info)
 {
        sort(group_info->gid, group_info->ngroups, sizeof(*group_info->gid),
             gid_cmp, NULL);
 }
+EXPORT_SYMBOL(groups_sort);
 /* a simple bsearch */
 int groups_search(const struct group_info *group_info, kgid_t grp)
@@ -122,7 +123,6 @@ int groups_search(const struct group_info *group_info, kgid_t grp)
 void set_groups(struct cred *new, struct group_info *group_info)
 {
        put_group_info(new->group_info);
-        groups_sort(group_info);
        get_group_info(group_info);
        new->group_info = group_info;
 }
@@ -206,6 +206,7 @@ SYSCALL_DEFINE2(setgroups, int, gidsetsize, gid_t __user *, grouplist)
                return retval;
        }
+        groups_sort(group_info);
        retval = set_current_groups(group_info);
        put_group_info(group_info);
author	Thiago Rafael Becker <thiago.becker@gmail.com>	2017-12-14 18:33:12 -0500
committer	Linus Torvalds <torvalds@linux-foundation.org>	2017-12-14 19:00:49 -0500
commit	bdcf0a423ea1c40bbb40e7ee483b50fc8aa3d758 (patch)
tree	942b1b8fa9b1e52503d5f9894d43674255813566 /kernel/groups.c
parent	1f704fd0d14043e76e80f6b8b2251b9b2cedcca6 (diff)