Re: [Regression] "SUNRPC: Add "@len" parameter to gss_unwrap()" breaks NFS Kerberos on upstream stable 5.4.y

[Chuck Lever]

> On Jul 17, 2020, at 1:29 PM, Pierre Sauter <pierre.sauter@xxxxxxx> wrote:
> 
> Hi Chuck,
> 
> Am Donnerstag, 16. Juli 2020, 21:25:40 CEST schrieb Chuck Lever:
>> So this makes me think there's a possibility you are not using upstream
>> stable kernels. I can't help if I don't know what source code and commit
>> stream you are using. It also makes me question the bisect result.
> 
> Yes you are right, I was referring to Ubuntu kernels 5.4.0-XX. From the
> discussion in the Ubuntu bugtracker I got the impression that Ubuntu kernels
> 5.4.0-XX and upstream 5.4.XX are closely related, obviously they are not. The
> bisection was done by the original bug reporter and also refers to the Ubuntu
> kernel.
> 
> In the meantime I tested v5.4.51 upstream, which shows no problems. Sorry for
> the bother.

Pierre, thanks for confirming!

Kai-Heng suspected an upstream stable commit that is missing in 5.4.0-40,
but I don't have any good suggestions.


>>> My krb5 etype is aes256-cts-hmac-sha1-96.
>> 
>> Thanks! And what is your NFS server and filesystem? It's possible that the
>> client is not estimating the size of the reply correctly. Variables include
>> the size of file handles, MIC verifiers, and wrap tokens.
> 
> The server is Debian with v4.19.130 upstream, filesystem ext4.
> 
>> You might try:
>> 
>> e8d70b321ecc ("SUNRPC: Fix another issue with MIC buffer space")
> 
> That one is actually in Ubuntus 5.4.0-40, from looking at the code.

--
Chuck Lever