From nobody Tue Oct 14 12:57:21 2025
X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cmDl53zcYz6CPmg;
	Tue, 14 Oct 2025 12:57:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4cmDl5390Dz3Jv2;
	Tue, 14 Oct 2025 12:57:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1760446641;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=3lNqkmzuzJZCwJW++cGx04Z9om+qVDRgEFWqlzg8liY=;
	b=DWoJoYxAHr0o+88N1WZLm46R+rms4LV2BkEF1YwIDJ9OPJTeGFzZVa1cyJH5DDqlHuGais
	DEiKKJiXfn7i1PjbKxg8WlTWN6iixfIe3laKGVNKpeqRiRhBXgN/UI30TdXhTHp8NIrhps
	FVl6vQo4hnPBsS2er6EbBydiu4ym9tiYKGolxDWkAkaVTkHpf++DGuS+DWhc+mr4G7eP0S
	gFWuUoLjheKyCS93I2mfJ5CpTZXxxJBJMqVycc5fgF2Xud6v0jf33jGD95pKEAJhASpPxS
	jO2uMlXFkyOZ74I3HZlWmSRkPgjbzEubUDcSD5RX6hR5qKAWxlLf2ifPXjb5tg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1760446641;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=3lNqkmzuzJZCwJW++cGx04Z9om+qVDRgEFWqlzg8liY=;
	b=yJJH5/rkEMn5mKiRTBOdHDKx2KLnbyArdFx+BjXTW0VYGm2ixsfi2Egfh85WW14U9rbdnr
	W9Noj+iTrYqKiVVJAh48mmfKk0rRLy7HvfsZzpGiYtCZPyFBQQTGSuL0DHJz1gbUMWfrhz
	0j/jHFIVjJGH4eWBaRGmgX1HwYPfFPJlM2aGgondMsq2R1sSpOvILYUZLlu1rfoI5qKwEs
	jhNwCfBWbSq21dwTJL9BwPRtsWRwlCpeXHrDQP13Mb3LGxQGzFdPTHDcgSxdGk4WPXzQAO
	gnn9rSLofQ8C2pmgw59zsbxTH1iqXZNjUftD24sSLyiugp5CyQ4Un66WLvfazA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1760446641; a=rsa-sha256; cv=none;
	b=dL5UexfSBDON65pYC4wGxJqWlozjOF/d+ePaO2YlTxdthKh4W6rDhPpRZ2E3QvVnQCPvpd
	2tXXNmkzoz7S2mvO8UqQVM0wul/sIBHYTofU8h2BVRnUhKqjal7z6udcguYZqJ8lYnAy5k
	k8T7ST9wtACjSm0jeoppk1a/+VKQEfWHiJdL5Io8x/v5Gj/ezyrsM3C98nR4bFdBGJJ7us
	JHysDFvsxJ9P1dFdoEaMCTBCuWYSapA1aVncEgyfQ+uoBbzKJisWb7azJX1SNZbe8y7UNJ
	dlofNa0CIT6VLqZZm+0KekY0W9ZzhpiqsTVDc9xtrq1UCZz3VYtYObQLfa6I+A==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4cmDl52kBQzstQ;
	Tue, 14 Oct 2025 12:57:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 59ECvLJW077091;
	Tue, 14 Oct 2025 12:57:21 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 59ECvLQV077088;
	Tue, 14 Oct 2025 12:57:21 GMT
	(envelope-from git)
Date: Tue, 14 Oct 2025 12:57:21 GMT
Message-Id: <202510141257.59ECvLQV077088@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 2110ae0ef9d6 - main - sys/rpc: UNIX auth: Do not log
  on bogus AUTH_SYS messages
List-Id: Commit messages for the main branch of the src repository <dev-commits-src-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
List-Help: <mailto:dev-commits-src-main+help@freebsd.org>
List-Post: <mailto:dev-commits-src-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-main+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-main@freebsd.org
Sender: owner-dev-commits-src-main@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 2110ae0ef9d6ca8cf52b29fcaf926c4343f56826
Auto-Submitted: auto-generated

The branch main has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=2110ae0ef9d6ca8cf52b29fcaf926c4343f56826

commit 2110ae0ef9d6ca8cf52b29fcaf926c4343f56826
Author:     Olivier Certner <olce@FreeBSD.org>
AuthorDate: 2025-10-14 12:54:55 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2025-10-14 12:56:54 +0000

    sys/rpc: UNIX auth: Do not log on bogus AUTH_SYS messages
    
    Remove the printf() stances added in commit d4cc791f3b2e ("sys/rpc: UNIX
    auth: Fix OOB reads on too short message").
    
    Even if it can be helpful to know why an authentication message is
    rejected, printing explanatory messages on each request attempt is
    a remote log filler that could be triggered by accident, and the generic
    RPC code generally does not do that.  These printf() calls should be
    restored only after some limiting or configuration mechanism is devised.
    
    MFC with:       d4cc791f3b2e ("sys/rpc: UNIX auth: Fix OOB reads on too short message")
    Sponsored by:   The FreeBSD Foundation
---
 sys/rpc/svc_auth_unix.c | 20 +++-----------------
 1 file changed, 3 insertions(+), 17 deletions(-)

diff --git a/sys/rpc/svc_auth_unix.c b/sys/rpc/svc_auth_unix.c
index 9e4b0b8483b5..aa0fc585865f 100644
--- a/sys/rpc/svc_auth_unix.c
+++ b/sys/rpc/svc_auth_unix.c
@@ -41,7 +41,6 @@
  */
 
 #include <sys/param.h>
-#include <sys/systm.h>
 #include <sys/ucred.h>
 
 #include <rpc/rpc.h>
@@ -70,11 +69,8 @@ _svcauth_unix(struct svc_req *rqst, struct rpc_msg *msg)
 		const uint32_t min_len = 5 * BYTES_PER_XDR_UNIT;
 		uint32_t str_len, supp_ngroups;
 
-		if (auth_len < min_len) {
-			(void)printf("AUTH_SYS: Too short credentials (%u)\n",
-			    auth_len);
+		if (auth_len < min_len)
 			goto badcred;
-		}
 		time = IXDR_GET_UINT32(buf);
 		str_len = IXDR_GET_UINT32(buf);
 		if (str_len > AUTH_SYS_MAX_HOSTNAME)
@@ -85,12 +81,8 @@ _svcauth_unix(struct svc_req *rqst, struct rpc_msg *msg)
 		 * 'str_len' (and that it won't cause an overflow in additions
 		 * below) to protect access to the credentials part.
 		 */
-		if (auth_len < min_len + str_len) {
-			(void)printf("AUTH_SYS: Inconsistent credentials and "
-			    "host name lengths (%u, %u)\n",
-			    auth_len, str_len);
+		if (auth_len < min_len + str_len)
 			goto badcred;
-		}
 		buf += str_len / sizeof (int32_t);
 		xcr->cr_uid = IXDR_GET_UINT32(buf);
 		xcr->cr_gid = IXDR_GET_UINT32(buf);
@@ -108,14 +100,8 @@ _svcauth_unix(struct svc_req *rqst, struct rpc_msg *msg)
 		 * read in total.
 		 */
 		if (auth_len < min_len + str_len +
-		    supp_ngroups * BYTES_PER_XDR_UNIT) {
-			(void)printf("AUTH_SYS: Inconsistent lengths "
-			    "(credentials %u, machine name %u, "
-			    "supplementary groups %u)\n",
-			    auth_len, str_len,
-			    supp_ngroups * BYTES_PER_XDR_UNIT);
+		    supp_ngroups * BYTES_PER_XDR_UNIT)
 			goto badcred;
-		}
 
 		/*
 		 * Note that 'xcr' is a 'struct xucred', which still has the