nfsd: -EINVAL on invalid anonuid/gid instead of silent failure

If we're going to refuse to accept these it would be polite of us to at
least say so....

This introduces a slight complication since we need to grandfather in
exportfs's ill-advised use of -1 uid and gid on its test_export.

If it turns out there are other users passing down -1 we may need to
do something else.

Best might be to drop the checks entirely, but I'm not sure if other
parts of the kernel might assume that a task can't run as uid or gid -1.

Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>

1 files changed, 9 insertions, 0 deletions

diff --git a/fs/nfsd/export.c b/fs/nfsd/export.c
index af51cf9bf2e3..8513c598fabf 100644
--- a/fs/nfsd/export.c
+++ b/fs/nfsd/export.c
@@ -580,16 +580,25 @@ static int svc_export_parse(struct cache_detail *cd, char *mesg, int mlen)
                 if (err)
                         goto out4;
                 /*
+                 * No point caching this if it would immediately expire.
+                 * Also, this protects exportfs's dummy export from the
+                 * anon_uid/anon_gid checks:
+                 */
+                if (exp.h.expiry_time < seconds_since_boot())
+                        goto out4;
+                /*
                  * For some reason exportfs has been passing down an
                  * invalid (-1) uid & gid on the "dummy" export which it
                  * uses to test export support.  To make sure exportfs
                  * sees errors from check_export we therefore need to
                  * delay these checks till after check_export:
                  */
+                err = -EINVAL;
                 if (!uid_valid(exp.ex_anon_uid))
                         goto out4;
                 if (!gid_valid(exp.ex_anon_gid))
                         goto out4;
+                err = 0;
         }
 
         expp = svc_export_lookup(&exp);