Received: by 2002:a05:6a10:d5a5:0:0:0:0 with SMTP id gn37csp2331213pxb; Sat, 2 Oct 2021 13:44:42 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzFsSZ6Y9z1ITMUZ4uNvUWgmlRBeo0VOVimPDgOnVZlcCwPrdkS9GfHgtVQyeC1sIUlf8Qj X-Received: by 2002:a17:906:c05a:: with SMTP id bm26mr6441837ejb.498.1633207481950; Sat, 02 Oct 2021 13:44:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1633207481; cv=none; d=google.com; s=arc-20160816; b=HOpZhlEdtfApYEM9vyfZUBj1Y2biD6QmkqxplcJVHHgyh2I8GtthktwvmGUd6TcEWy YdQSmfZE0RU0ufJrrEuWs9aIEDlZLkA4LrZDel5ZG/yYh12pSDE5TeRMbTNcxDaB0aZj aPZpFRN0BfB2+ljHtBgCqy3RFXRo4eNUUPFZ31/WU1bLHn6bcAoOr2ScPFQYSAl4dX6I CxM1AwlVfZ0qD63Ubaq694bULEKKu9KGWkaNwn1oLI1emVb5amZhYp7H8mAeatD6uZXH kwHm+0MG6SFXgnZ+NrGb405c3s+e0O5BTdb3IGdYT5/Y07QKN2IE3yzCuiQmpMs9jYH0 rTag== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature:dkim-filter; bh=Ct+gvNc5NZbmIUU7egKb4KZT1aW4wHdRL8SdU4Csdhw=; b=rtS720RKZ04b3l79l3bVzeS0S1SOj24whHI1vIkhREc5odX+PmvP4+gBIFvH0y4u81 85r8kp5ZA7K+gg+c+bcSv2G1cGSmz/9MJUrzxhyQX9obn4AkdePqXUoL8HSCGxfegAWn SmAzN1LCRyDdK2HCGJpPgW32gSkPHDRUlrO9wQQkO0xA/ueIVyuTrCDGyc+IEAaFfXl5 z3nioi0aaMSsVk0mFqKY+0I6/2rRzoUMly88AXYEV1raz+VgcUexV0ybKb78y0+xiQ5e 5ctnMFW4VllpJrslNxfdlMPnb9j900YGCJtFLN14A7hJE0oMTMAxf4vCfG9gpYHxQ52u mTzg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@fieldses.org header.s=default header.b=ouCgJ1Vh; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id z7si11368825edr.15.2021.10.02.13.44.02; Sat, 02 Oct 2021 13:44:41 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@fieldses.org header.s=default header.b=ouCgJ1Vh; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233460AbhJBUkK (ORCPT + 99 others); Sat, 2 Oct 2021 16:40:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60928 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229503AbhJBUkK (ORCPT ); Sat, 2 Oct 2021 16:40:10 -0400 Received: from fieldses.org (fieldses.org [IPv6:2600:3c00:e000:2f7::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2078AC061714 for ; Sat, 2 Oct 2021 13:38:24 -0700 (PDT) Received: by fieldses.org (Postfix, from userid 2815) id 16CE86C0C; Sat, 2 Oct 2021 16:38:23 -0400 (EDT) DKIM-Filter: OpenDKIM Filter v2.11.0 fieldses.org 16CE86C0C DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fieldses.org; s=default; t=1633207103; bh=Ct+gvNc5NZbmIUU7egKb4KZT1aW4wHdRL8SdU4Csdhw=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=ouCgJ1VhvxzXpoqFPRqPPy53Q8fdv+5MLHCK4R+hdpyu+f4pwqIm/P2Y/NM/yueQ8 tCJV7wun6a2R0oXl+OKsYiXm7b8NhVaitWQ2wF/J0B1JZuTe2WuZsBhReUcOJA6HH4 4+n5aRVKPPCHwUfywH5yTshzqkMxUFg4/mBv6+2k= Date: Sat, 2 Oct 2021 16:38:23 -0400 From: "J. Bruce Fields" To: Volodymyr Khomenko Cc: linux-nfs@vger.kernel.org Subject: Re: GSSAPI fix for pynfs nfs4.1 client code Message-ID: <20211002203823.GC26608@fieldses.org> References: <20210930211123.GA16927@fieldses.org> <20211001141306.GD959@fieldses.org> <20211001154821.GE959@fieldses.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org On Sat, Oct 02, 2021 at 09:12:25AM +0300, Volodymyr Khomenko wrote: > P.S. Since the very 1st operation after NFS4 NULL is EXCHANGE_ID - it > should be only single operation > (client can't send few ECHANGE_ID because clientowner is only one per > mount) and next CREATE_SESSION can't be sent > until EXCHANGE_ID is replied from the server. > So the use-case of 'any of the first 128 rpcs were out of order' is > just a theoretical one and probably not possible in practice. So our server uses a fixed-size gss sequence number window of 128. We keep track of sd_max, the largest sequence number we've seen so far. Given an incoming rpc with sequence number seqno, we check: is seqno > sd_max? This is the normal case for in-order sequence numbers; update sd_max and our other sequence number data and continue normal processing. else is seqno < sd_max - 128? Oops, this is definitely too old; drop the request. else check our data about sequence numbers seen so far. But our specific bug was we were doing the second check using unsigned arithmetic, so if we hit the second check before sd_max hits 128, then (sd_max - 128) is something very large, and we drop the request. --b.