Commit 0c217d50 authored by NeilBrown's avatar NeilBrown Committed by Chuck Lever

SUNRPC: improve error response to over-size gss credential

When the NFS server receives a large gss (kerberos) credential and tries
to pass it up to rpc.svcgssd (which is deprecated), it triggers an
infinite loop in cache_read().

cache_request() always returns -EAGAIN, and this causes a "goto again".

This patch:
 - changes the error to -E2BIG to avoid the infinite loop, and
 - generates a WARN_ONCE when rsi_request first sees an over-sized
   credential.  The warning suggests switching to gssproxy.

Link: https://bugzilla.kernel.org/show_bug.cgi?id=196583Signed-off-by: default avatarNeilBrown <neilb@suse.de>
Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
parent e38b3f20
...@@ -194,6 +194,8 @@ static void rsi_request(struct cache_detail *cd, ...@@ -194,6 +194,8 @@ static void rsi_request(struct cache_detail *cd,
qword_addhex(bpp, blen, rsii->in_handle.data, rsii->in_handle.len); qword_addhex(bpp, blen, rsii->in_handle.data, rsii->in_handle.len);
qword_addhex(bpp, blen, rsii->in_token.data, rsii->in_token.len); qword_addhex(bpp, blen, rsii->in_token.data, rsii->in_token.len);
(*bpp)[-1] = '\n'; (*bpp)[-1] = '\n';
WARN_ONCE(*blen < 0,
"RPCSEC/GSS credential too large - please use gssproxy\n");
} }
static int rsi_parse(struct cache_detail *cd, static int rsi_parse(struct cache_detail *cd,
......
...@@ -803,7 +803,7 @@ static int cache_request(struct cache_detail *detail, ...@@ -803,7 +803,7 @@ static int cache_request(struct cache_detail *detail,
detail->cache_request(detail, crq->item, &bp, &len); detail->cache_request(detail, crq->item, &bp, &len);
if (len < 0) if (len < 0)
return -EAGAIN; return -E2BIG;
return PAGE_SIZE - len; return PAGE_SIZE - len;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment