android_kernel_oneplus_msm8998/net
Tomáš Trnka 6c1e441c3b sunrpc: fix stripping of padded MIC tokens
commit c0cb8bf3a8e4bd82e640862cdd8891400405cb89 upstream.

The length of the GSS MIC token need not be a multiple of four bytes.
It is then padded by XDR to a multiple of 4 B, but unwrap_integ_data()
would previously only trim mic.len + 4 B. The remaining up to three
bytes would then trigger a check in nfs4svc_decode_compoundargs(),
leading to a "garbage args" error and mount failure:

nfs4svc_decode_compoundargs: compound not properly padded!
nfsd: failed to decode arguments!

This would prevent older clients using the pre-RFC 4121 MIC format
(37-byte MIC including a 9-byte OID) from mounting exports from v3.9+
servers using krb5i.

The trimming was introduced by commit 4c190e2f91 ("sunrpc: trim off
trailing checksum before returning decrypted or integrity authenticated
buffer").

Fixes: 4c190e2f91 "unrpc: trim off trailing checksum..."
Signed-off-by: Tomáš Trnka <ttrnka@mail.muni.cz>
Acked-by: Jeff Layton <jlayton@poochiereds.net>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2016-06-07 18:14:36 -07:00
..
6lowpan 6lowpan: put mcast compression in an own function 2015-10-21 00:49:25 +02:00
9p IB/cma: Add support for network namespaces 2015-10-28 12:32:48 -04:00
802
8021q vlan: Do not put vlan headers back on bridge and macvlan ports 2015-11-17 14:38:35 -05:00
appletalk
atm atm: deal with setting entry before mkip was called 2015-09-17 22:13:32 -07:00
ax25 ax25: add link layer header validation function 2016-04-20 15:42:00 +09:00
batman-adv batman-adv: Reduce refcnt of removed router when updating route 2016-05-11 11:21:18 +02:00
bluetooth Bluetooth: Fix potential buffer overflow with Add Advertising 2016-04-12 09:08:54 -07:00
bridge bridge: fix igmp / mld query parsing 2016-05-18 17:06:42 -07:00
caif net: rename SOCK_ASYNC_NOSPACE and SOCK_ASYNC_WAITDATA 2015-12-01 15:45:05 -05:00
can can: avoid using timeval for uapi 2015-10-13 17:42:34 +02:00
ceph libceph: don't spam dmesg with stray reply warnings 2016-03-03 15:07:26 -08:00
core net: fix infoleak in rtnetlink 2016-05-18 17:06:41 -07:00
dcb net/dcb: make dcbnl.c explicitly non-modular 2015-10-09 07:52:27 -07:00
dccp tcp/dccp: remove obsolete WARN_ON() in icmp handlers 2016-04-20 15:42:04 +09:00
decnet decnet: Do not build routes to devices without decnet private data. 2016-05-18 17:06:35 -07:00
dns_resolver net: dns_resolver: convert time_t to time64_t 2015-11-18 16:27:46 -05:00
dsa net: dsa: use switchdev obj for VLAN add/del ops 2015-11-01 15:56:11 -05:00
ethernet net: help compiler generate better code in eth_get_headlen 2015-09-28 22:51:15 -07:00
hsr net/hsr: fix a warning message 2015-11-23 14:56:15 -05:00
ieee802154 net: fix percpu memory leaks 2015-11-02 22:47:14 -05:00
ipv4 net/route: enforce hoplimit max value 2016-05-18 17:06:43 -07:00
ipv6 net/route: enforce hoplimit max value 2016-05-18 17:06:43 -07:00
ipx
irda net: add validation for the socket syscall protocol argument 2015-12-14 16:09:30 -05:00
iucv af_iucv: Validate socket address length in iucv_sock_bind() 2016-03-03 15:07:03 -08:00
key af_key: fix two typos 2015-10-23 03:05:19 -07:00
l2tp ipv6: l2tp: fix a potential issue in l2tp_ip6_recv 2016-04-20 15:42:06 +09:00
l3mdev net: Add netif_is_l3_slave 2015-10-07 04:27:43 -07:00
lapb
llc net: fix infoleak in llc 2016-05-18 17:06:40 -07:00
mac80211 mac80211: fix statistics leak if dev_alloc_name() fails 2016-05-11 11:21:13 +02:00
mac802154 mac802154: llsec: use kzfree 2015-10-21 00:49:24 +02:00
mpls mpls: find_outdev: check for err ptr in addition to NULL check 2016-04-20 15:42:07 +09:00
netfilter nf_conntrack: avoid kernel pointer value leak in slab name 2016-05-18 17:06:57 -07:00
netlabel
netlink netlink: don't send NETLINK_URELEASE for unbound sockets 2016-05-04 14:48:45 -07:00
netrom netfilter: Remove spurios included of netfilter.h 2015-06-18 21:14:32 +02:00
nfc net: rename SOCK_ASYNC_NOSPACE and SOCK_ASYNC_WAITDATA 2015-12-01 15:45:05 -05:00
openvswitch openvswitch: use flow protocol when recalculating ipv6 checksums 2016-05-18 17:06:36 -07:00
packet packet: fix heap info leak in PACKET_DIAG_MCLIST sock_diag interface 2016-05-18 17:06:35 -07:00
phonet phonet: properly unshare skbs in phonet_rcv() 2016-01-31 11:29:00 -08:00
rds RDS: fix race condition when sending a message on unbound socket 2015-11-24 17:20:09 -05:00
rfkill rfkill: fix rfkill_fop_read wait_event usage 2016-03-03 15:07:26 -08:00
rose Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-06-24 02:58:51 -07:00
rxrpc net: rename SOCK_ASYNC_NOSPACE and SOCK_ASYNC_WAITDATA 2015-12-01 15:45:05 -05:00
sched netem: Segment GSO packets on enqueue 2016-05-18 17:06:39 -07:00
sctp sctp: lack the check for ports in sctp_v6_cmp_addr 2016-04-20 15:41:58 +09:00
sunrpc sunrpc: fix stripping of padded MIC tokens 2016-06-07 18:14:36 -07:00
switchdev switchdev: Require RTNL mutex to be held when sending FDB notifications 2016-03-03 15:07:04 -08:00
tipc tipc: Revert "tipc: use existing sk_write_queue for outgoing packet chain" 2016-04-20 15:41:58 +09:00
unix unix_diag: fix incorrect sign extension in unix_lookup_by_ino 2016-03-03 15:07:07 -08:00
vmw_vsock VSOCK: do not disconnect socket when peer has shutdown SEND only 2016-05-18 17:06:41 -07:00
wimax net:wimax: Fix doucble word "the the" in networking.xml 2015-08-09 22:43:52 -07:00
wireless nl80211: check netlink protocol in socket release notification 2016-05-04 14:48:45 -07:00
x25 net: fix a kernel infoleak in x25 module 2016-05-18 17:06:43 -07:00
xfrm xfrm: Fix crash observed during device unregistration and decryption 2016-04-20 15:42:05 +09:00
compat.c
Kconfig net: Introduce L3 Master device abstraction 2015-09-29 20:40:32 -07:00
Makefile net: Introduce L3 Master device abstraction 2015-09-29 20:40:32 -07:00
socket.c net: Fix use after free in the recvmmsg exit path 2016-04-20 15:42:03 +09:00
sysctl_net.c net: sysctl: fix a kmemleak warning 2015-10-23 06:22:08 -07:00