diff options
author | Chuck Lever <chuck.lever@oracle.com> | 2023-01-08 17:30:03 +0100 |
---|---|---|
committer | Chuck Lever <chuck.lever@oracle.com> | 2023-02-20 15:20:28 +0100 |
commit | 3b03f3c5d4dbed658ef9a76c3475b2fb37d46451 (patch) | |
tree | 63fa1108602b27f4890ca7048c176cb2993358b3 /net/sunrpc | |
parent | SUNRPC: Use xdr_stream to encode Reply verifier in svcauth_null_accept() (diff) | |
download | linux-3b03f3c5d4dbed658ef9a76c3475b2fb37d46451.tar.xz linux-3b03f3c5d4dbed658ef9a76c3475b2fb37d46451.zip |
SUNRPC: Use xdr_stream to encode Reply verifier in svcauth_unix_accept()
Done as part of hardening the server-side RPC header encoding path.
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Diffstat (limited to 'net/sunrpc')
-rw-r--r-- | net/sunrpc/svcauth_unix.c | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/net/sunrpc/svcauth_unix.c b/net/sunrpc/svcauth_unix.c index b24d6c75588f..e3981e124042 100644 --- a/net/sunrpc/svcauth_unix.c +++ b/net/sunrpc/svcauth_unix.c @@ -894,7 +894,6 @@ struct auth_ops svcauth_tls = { static int svcauth_unix_accept(struct svc_rqst *rqstp) { - struct kvec *resv = &rqstp->rq_res.head[0]; struct xdr_stream *xdr = &rqstp->rq_arg_stream; struct svc_cred *cred = &rqstp->rq_cred; struct user_namespace *userns; @@ -956,12 +955,12 @@ svcauth_unix_accept(struct svc_rqst *rqstp) return SVC_DENIED; } - /* Put NULL verifier */ - svc_putnl(resv, RPC_AUTH_NULL); - svc_putnl(resv, 0); + svcxdr_init_encode(rqstp); + if (xdr_stream_encode_opaque_auth(&rqstp->rq_res_stream, + RPC_AUTH_NULL, NULL, 0) < 0) + return SVC_CLOSE; rqstp->rq_cred.cr_flavor = RPC_AUTH_UNIX; - svcxdr_init_encode(rqstp); return SVC_OK; badcred: |