summaryrefslogtreecommitdiffstats
path: root/kernel/uid16.c
diff options
context:
space:
mode:
authorThiago Rafael Becker <thiago.becker@gmail.com>2017-12-15 00:33:12 +0100
committerLinus Torvalds <torvalds@linux-foundation.org>2017-12-15 01:00:49 +0100
commitbdcf0a423ea1c40bbb40e7ee483b50fc8aa3d758 (patch)
tree942b1b8fa9b1e52503d5f9894d43674255813566 /kernel/uid16.c
parentmm/frame_vector.c: release a semaphore in 'get_vaddr_frames()' (diff)
downloadlinux-bdcf0a423ea1c40bbb40e7ee483b50fc8aa3d758.tar.xz
linux-bdcf0a423ea1c40bbb40e7ee483b50fc8aa3d758.zip
kernel: make groups_sort calling a responsibility group_info allocators
In testing, we found that nfsd threads may call set_groups in parallel for the same entry cached in auth.unix.gid, racing in the call of groups_sort, corrupting the groups for that entry and leading to permission denials for the client. This patch: - Make groups_sort globally visible. - Move the call to groups_sort to the modifiers of group_info - Remove the call to groups_sort from set_groups Link: http://lkml.kernel.org/r/20171211151420.18655-1-thiago.becker@gmail.com Signed-off-by: Thiago Rafael Becker <thiago.becker@gmail.com> Reviewed-by: Matthew Wilcox <mawilcox@microsoft.com> Reviewed-by: NeilBrown <neilb@suse.com> Acked-by: "J. Bruce Fields" <bfields@fieldses.org> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Martin Schwidefsky <schwidefsky@de.ibm.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'kernel/uid16.c')
-rw-r--r--kernel/uid16.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/kernel/uid16.c b/kernel/uid16.c
index ce74a4901d2b..ef1da2a5f9bd 100644
--- a/kernel/uid16.c
+++ b/kernel/uid16.c
@@ -192,6 +192,7 @@ SYSCALL_DEFINE2(setgroups16, int, gidsetsize, old_gid_t __user *, grouplist)
return retval;
}
+ groups_sort(group_info);
retval = set_current_groups(group_info);
put_group_info(group_info);