DDN-4630 sec: cleanup grouplist alloc for INTERNAL id upcall

With the INTERNAL identity upcall, we are using supplementary groups
provided by the client, by building an array of gid_t.
Cleanup this group list allocation, and make sure the size returned
matches the actual size of the allocated array.

Fixes: 4515e5365f ("LU-17015 build: rework upcall cache")
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: I72cdfc6b76bfd9c2832a5d5e5f72c3aa45cf1efe
Reviewed-on: https://review.whamcloud.com/c/ex/lustre-release/+/53979
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>

diff --git a/lustre/obdclass/upcall_cache_internal.c b/lustre/obdclass/upcall_cache_internal.c
index a55b3c9..01dc37b 100644 (file)
--- a/lustre/obdclass/upcall_cache_internal.c
+++ b/lustre/obdclass/upcall_cache_internal.c
@@ -82,14 +82,14 @@ int upcall_cache_get_entry_internal(struct upcall_cache *cache,
        struct lu_ucred *uc = (struct lu_ucred *)args;
        struct md_identity *identity;
        bool supp_in_ginfo[2];
-       gid_t *glist_p;
-       int i;
+       gid_t *groups = NULL, *glist_p;
+       int groups_num, i, rc = 0;
 
        if (*grouplist || !uc || uc->uc_suppgids[0] == -1)
                /* grouplist already built, or no supp groups
                 * => return immediately
                 */
-               return 0;
+               goto out;
 
        identity = &entry->u.identity;
        *fsgid = uc->uc_fsgid;
@@ -97,16 +97,16 @@ int upcall_cache_get_entry_internal(struct upcall_cache *cache,
        supp_in_ginfo[1] = (uc->uc_suppgids[1] == -1);
 
        if (!identity->mi_ginfo || !identity->mi_ginfo->ngroups)
-               *ngroups = 0;
+               groups_num = 0;
        else
-               *ngroups = identity->mi_ginfo->ngroups;
+               groups_num = identity->mi_ginfo->ngroups;
 
        /* check if provided supp groups are already in cache */
        for (i = 0; i < 2 && uc->uc_suppgids[i] != -1; i++) {
                if (unlikely(uc->uc_suppgids[i] == uc->uc_fsuid)) {
                        /* Do not place user's group ID in group list */
                        supp_in_ginfo[i] = true;
-               } else if (*ngroups) {
+               } else if (groups_num) {
                        atomic_inc(&identity->mi_ginfo->usage);
                        supp_in_ginfo[i] =
                                lustre_groups_search(identity->mi_ginfo,
@@ -124,12 +124,15 @@ int upcall_cache_get_entry_internal(struct upcall_cache *cache,
                       cache->uc_name, uc->uc_suppgids[0],
                       uc->uc_suppgids[1], entry->ue_key);
 
-               *ngroups += !supp_in_ginfo[0] + !supp_in_ginfo[1];
-               CFS_ALLOC_PTR_ARRAY(*grouplist, *ngroups);
-               if (*grouplist == NULL)
-                       return -ENOMEM;
+               if (!supp_in_ginfo[0])
+                       groups_num++;
+               if (!supp_in_ginfo[1])
+                       groups_num++;
+               CFS_ALLOC_PTR_ARRAY(groups, groups_num);
+               if (groups == NULL)
+                       GOTO(out, rc = -ENOMEM);
 
-               glist_p = *grouplist;
+               glist_p = groups;
                for (i = 0; i < 2; i++) {
                        if (!supp_in_ginfo[i])
                                *(glist_p++) = uc->uc_suppgids[i];
@@ -154,5 +157,10 @@ int upcall_cache_get_entry_internal(struct upcall_cache *cache,
                }
        }
 
-       return 0;
+out:
+       if (groups) {
+               *grouplist = groups;
+               *ngroups = groups_num;
+       }
+       return rc;
 }