From: Steve French <smfrench@gmail.com>
To: Shyam Prasad N <nspmangalore@gmail.com>
Cc: CIFS <linux-cifs@vger.kernel.org>
Subject: 2 error cases in sid_to_id are ignored
Date: Mon, 21 Jun 2021 15:57:05 -0500 [thread overview]
Message-ID: <CAH2r5mu4uEOP4r-KnF+bZGqPjdRwkaZanD1sE_JHuoK=jB_nnA@mail.gmail.com> (raw)
There are two cases (see below) in sid_to_id where errors occur
mapping the uid but the rc which is set is overwritten (reset to 0
before return).
saved_cred = override_creds(root_cred);
sidkey = request_key(&cifs_idmap_key_type, sidstr, "");
if (IS_ERR(sidkey)) {
rc = -EINVAL;
cifs_dbg(FYI, "%s: Can't map SID %s to a %cid\n",
__func__, sidstr, sidtype == SIDOWNER ? 'u' : 'g');
goto out_revert_creds;
}
/*
* FIXME: Here we assume that uid_t and gid_t are same size. It's
* probably a safe assumption but might be better to check based on
* sidtype.
*/
BUILD_BUG_ON(sizeof(uid_t) != sizeof(gid_t));
if (sidkey->datalen != sizeof(uid_t)) {
rc = -EIO;
cifs_dbg(FYI, "%s: Downcall contained malformed key
(datalen=%hu)\n",
__func__, sidkey->datalen);
key_invalidate(sidkey);
goto out_key_put;
}
since later in the function we do:
out_key_put:
key_put(sidkey);
out_revert_creds:
revert_creds(saved_cred);
kfree(sidstr);
/*
* Note that we return 0 here unconditionally. If the mapping
* fails then we just fall back to using the ctx->linux_uid/linux_gid.
*/
got_valid_id:
rc = 0;
if (sidtype == SIDOWNER)
fattr->cf_uid = fuid;
else
fattr->cf_gid = fgid;
return rc;
}
Any thoughts on whether it would be better to return the errors, or
continue the current strategy of simply using the default uid/gid for
the mount and returning 0 (and removing the two places above where we
set rc to non zero values, since rc will be overwritten with 0)?
--
Thanks,
Steve
next reply other threads:[~2021-06-21 20:57 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-21 20:57 Steve French [this message]
2021-06-22 10:18 ` 2 error cases in sid_to_id are ignored Aurélien Aptel
2021-06-22 19:05 ` Steve French
2021-06-22 19:16 ` Steve French
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAH2r5mu4uEOP4r-KnF+bZGqPjdRwkaZanD1sE_JHuoK=jB_nnA@mail.gmail.com' \
--to=smfrench@gmail.com \
--cc=linux-cifs@vger.kernel.org \
--cc=nspmangalore@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).