8085 Handle RPC groups better

Reviewed by: "Joshua M. Clulow" <josh@sysmgr.org> Reviewed by: Paul Dagnelie <pcd@delphix.com> Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com> Approved by: Dan McDonald <danmcd@omniti.com>
author: Alex Wilson <alex.wilson@joyent.com> 2017-04-20 15:30:11 -0400
committer: Dan McDonald <danmcd@omniti.com> 2017-04-20 15:32:26 -0400
commit: b1cdc7203182cbb9ef6b7bc6085ee5b8dbee793b (patch)
tree: 9cbe7ecb846fc5f26d0efa6735d58ae81f58441f /usr/src/uts/common/rpc
parent: def4fac5882b4ca67bd0f4a53509b6d1fa8ae14e (diff)
download: illumos-joyent-b1cdc7203182cbb9ef6b7bc6085ee5b8dbee793b.tar.gz
5 files changed, 33 insertions, 8 deletions
diff --git a/usr/src/uts/common/rpc/auth.h b/usr/src/uts/common/rpc/auth.h
index 1af0c65857..bf4a97cfe9 100644
--- a/usr/src/uts/common/rpc/auth.h
+++ b/usr/src/uts/common/rpc/auth.h
@@ -20,6 +20,7 @@
  */
 /*
  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2017 Joyent Inc
  * Use is subject to license terms.
  */
 /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */
@@ -53,10 +54,23 @@
 extern "C" {
 #endif
 
-#define	MAX_AUTH_BYTES	400
+#define	MAX_AUTH_BYTES	400	/* maximum length of an auth type, from RFC */
 #define	MAXNETNAMELEN	255	/* maximum length of network user's name */
 
 /*
+ * NOTE: this value *must* be kept larger than the maximum size of all the
+ * structs that rq_clntcred is cast to in the different authentication types.
+ * If changes are made to any of these *_area structs, double-check they all
+ * still fit. If any new authentication mechanisms are added, add a note here.
+ *
+ * Currently these structs can be found in:
+ *  - __svcauth_sys (svc_auth_sys.c)
+ *  - __svcauth_des (svcauth_des.c)
+ *  - __svcauth_loopback (svc_auth_loopb.c)
+ */
+#define	RQCRED_SIZE	700	/* size allocated for rq_clntcred */
+
+/*
  *  Client side authentication/security data
  */
 typedef struct sec_data {
diff --git a/usr/src/uts/common/rpc/auth_sys.h b/usr/src/uts/common/rpc/auth_sys.h
index 157546842b..df1809068e 100644
--- a/usr/src/uts/common/rpc/auth_sys.h
+++ b/usr/src/uts/common/rpc/auth_sys.h
@@ -21,6 +21,7 @@
 
 /*
  * Copyright 2014 Nexenta Systems, Inc.  All rights reserved.
+ * Copyright 2017 Joyent Inc
  */
 
 /*
@@ -65,9 +66,6 @@ extern "C" {
 /* gids compose part of a credential; there may not be more than 16 of them */
 #define	 NGRPS 16
 
-/* gids compose part of a credential */
-#define	 NGRPS_LOOPBACK NGROUPS_UMAX
-
 /*
  * "sys" (Old UNIX) style credentials.
  */
@@ -82,6 +80,17 @@ struct authsys_parms {
 /* For backward compatibility */
 #define	 authunix_parms authsys_parms
 
+/*
+ * Ideally, we would like this to be NGROUPS_UMAX, but the RFC mandates that
+ * auth sections must not exceed 400 bytes. For AUTH_LOOPBACK, that means the
+ * largest number of groups we can have without breaking RFC compat is 92
+ * groups.
+ *
+ * NOTE: changing this value changes the size of authlpbk_area in
+ * svc_auth_loopb.c, which means RQCRED_SIZE *must* be updated!
+ */
+#define	 NGRPS_LOOPBACK 92
+
 #ifdef __STDC__
 extern bool_t xdr_authsys_parms(XDR *, struct authsys_parms *);
 extern bool_t xdr_authloopback_parms(XDR *, struct authsys_parms *);
diff --git a/usr/src/uts/common/rpc/sec/svc_authu.c b/usr/src/uts/common/rpc/sec/svc_authu.c
index 6cfc89467c..224a8d33f6 100644
--- a/usr/src/uts/common/rpc/sec/svc_authu.c
+++ b/usr/src/uts/common/rpc/sec/svc_authu.c
@@ -21,6 +21,7 @@
  */
 /*
  * Copyright 1989 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2017 Joyent Inc
  * Use is subject to license terms.
  */
 
@@ -32,8 +33,6 @@
  * under license from the Regents of the University of California.
  */
 
-#ident	"%Z%%M%	%I%	%E% SMI"
-
 /*
  * svc_auth_unix.c
  * Handles UNIX flavor authentication parameters on the service side of rpc.
@@ -54,6 +53,7 @@
 #include <sys/tihdr.h>
 #include <sys/t_kuser.h>
 #include <sys/cmn_err.h>
+#include <sys/debug.h>
 
 #include <rpc/types.h>
 #include <rpc/xdr.h>
@@ -84,6 +84,7 @@ _svcauth_unix(struct svc_req *rqst, struct rpc_msg *msg)
 	u_int str_len, gid_len;
 	int i;
 
+	CTASSERT(sizeof (struct area) <= RQCRED_SIZE);
 	/* LINTED pointer alignment */
 	area = (struct area *) rqst->rq_clntcred;
 	aup = &area->area_aup;
diff --git a/usr/src/uts/common/rpc/sec/svcauthdes.c b/usr/src/uts/common/rpc/sec/svcauthdes.c
index a2dfa41c29..563067bb04 100644
--- a/usr/src/uts/common/rpc/sec/svcauthdes.c
+++ b/usr/src/uts/common/rpc/sec/svcauthdes.c
@@ -19,6 +19,7 @@
  * CDDL HEADER END
  */
 /*
+ * Copyright 2017 Joyent Inc
  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
@@ -59,6 +60,7 @@
 #include <sys/kmem.h>
 #include <sys/time.h>
 #include <sys/cmn_err.h>
+#include <sys/debug.h>
 
 #include <rpc/types.h>
 #include <rpc/xdr.h>
@@ -159,6 +161,7 @@ _svcauth_des(struct svc_req *rqst, struct rpc_msg *msg)
 	}
 	mutex_exit(&authdes_lock);
 
+	CTASSERT(sizeof (struct area) <= RQCRED_SIZE);
 	/* LINTED pointer alignment */
 	area = (struct area *)rqst->rq_clntcred;
 	cred = (struct authdes_cred *)&area->area_cred;
diff --git a/usr/src/uts/common/rpc/svc.c b/usr/src/uts/common/rpc/svc.c
index c0ca1ede3f..43f8a6d703 100644
--- a/usr/src/uts/common/rpc/svc.c
+++ b/usr/src/uts/common/rpc/svc.c
@@ -207,8 +207,6 @@
 #include <nfs/nfs.h>
 #include <sys/tsol/label_macro.h>
 
-#define	RQCRED_SIZE	400	/* this size is excessive */
-
 /*
  * Defines for svc_poll()
  */
author	Alex Wilson <alex.wilson@joyent.com>	2017-04-20 15:30:11 -0400
committer	Dan McDonald <danmcd@omniti.com>	2017-04-20 15:32:26 -0400
commit	b1cdc7203182cbb9ef6b7bc6085ee5b8dbee793b (patch)
tree	9cbe7ecb846fc5f26d0efa6735d58ae81f58441f /usr/src/uts/common/rpc
parent	def4fac5882b4ca67bd0f4a53509b6d1fa8ae14e (diff)
download	illumos-joyent-b1cdc7203182cbb9ef6b7bc6085ee5b8dbee793b.tar.gz