Merge tag 'char-misc-4.13-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregk...

[karo-tx-linux.git] / net / sunrpc / auth_gss / svcauth_gss.c

diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c
index 1530825985221a1aeb5f77ee81f4251acdef9d96..7b1ee5a0b03cd10d167a6ca522243c4285996151 100644 (file)
--- a/net/sunrpc/auth_gss/svcauth_gss.c
+++ b/net/sunrpc/auth_gss/svcauth_gss.c
@@ -838,6 +838,14 @@ unwrap_integ_data(struct svc_rqst *rqstp, struct xdr_buf *buf, u32 seq, struct g
        struct xdr_netobj mic;
        struct xdr_buf integ_buf;
 
+       /* NFS READ normally uses splice to send data in-place. However
+        * the data in cache can change after the reply's MIC is computed
+        * but before the RPC reply is sent. To prevent the client from
+        * rejecting the server-computed MIC in this somewhat rare case,
+        * do not use splice with the GSS integrity service.
+        */
+       clear_bit(RQ_SPLICE_OK, &rqstp->rq_flags);
+
        /* Did we already verify the signature on the original pass through? */
        if (rqstp->rq_deferred)
                return 0;
@@ -1489,8 +1497,8 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp)
        case RPC_GSS_PROC_DESTROY:
                if (gss_write_verf(rqstp, rsci->mechctx, gc->gc_seq))
                        goto auth_err;
-               rsci->h.expiry_time = seconds_since_boot();
-               set_bit(CACHE_NEGATIVE, &rsci->h.flags);
+               /* Delete the entry from the cache_list and call cache_put */
+               sunrpc_cache_unhash(sn->rsc_cache, &rsci->h);
                if (resv->iov_len + 4 > PAGE_SIZE)
                        goto drop;
                svc_putnl(resv, RPC_SUCCESS);