raspi/linux
1
0
Fork 1
mirror of https://github.com/raspberrypi/linux.git synced 2026-01-04 18:27:36 +00:00
Code Issues Projects Releases Wiki Activity
Files
a51a72a47d73cc0aa6067d0024c98b8d4184e751
linux/net/sunrpc
History
Trond Myklebust 42b761f606 SUNRPC: Fix a use after free when a server rejects the RPCSEC_GSS credential 
commit 7987b694ad upstream.

The addition of rpc_check_timeout() to call_decode causes an Oops
when the RPCSEC_GSS credential is rejected.
The reason is that rpc_decode_header() will call xprt_release() in
order to free task->tk_rqstp, which is needed by rpc_check_timeout()
to check whether or not we should exit due to a soft timeout.

The fix is to move the call to xprt_release() into call_decode() so
we can perform it after rpc_check_timeout().

Reported-by: Olga Kornievskaia <olga.kornievskaia@gmail.com>
Reported-by: Nick Bowler <nbowler@draconx.ca>
Fixes: cea57789e4 ("SUNRPC: Clean up")
Cc: stable@vger.kernel.org # v5.1+
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-06-11 12:19:15 +02:00
..
auth_gss
SUNRPC: Convert remaining GFP_NOIO, and GFP_NOWAIT sites in sunrpc
2019-03-02 16:25:26 -05:00
xprtrdma
xprtrdma: Fix helper that drains the transport
2019-04-11 15:23:48 -04:00
addr.c
replace strict_strto calls
2014-07-12 18:45:49 -04:00
auth_null.c
SUNRPC: Add rpc_auth::au_ralign field
2019-02-14 11:48:36 -05:00
auth_unix.c
Merge tag 'nfs-rdma-for-5.1-1' of git://git.linux-nfs.org/projects/anna/linux-nfs
2019-02-25 09:35:49 -05:00
auth.c
SUNRPC: Use struct xdr_stream when decoding RPC Reply header
2019-02-14 09:11:18 -05:00
backchannel_rqst.c
SUNRPC: Allow dynamic allocation of back channel slots
2019-03-02 16:25:26 -05:00
cache.c
sunrpc: don't mark uninitialised items as VALID.
2019-04-05 19:57:24 -04:00
clnt.c
SUNRPC: Fix a use after free when a server rejects the RPCSEC_GSS credential
2019-06-11 12:19:15 +02:00
debugfs.c
rpc: properly check debugfs dentry before using it
2019-02-12 15:51:39 -05:00
Kconfig
SUNRPC: Add build option to disable support for insecure enctypes
2019-02-13 13:33:12 -05:00
Makefile
SUNRPC: remove generic cred code.
2018-12-19 13:52:46 -05:00
netns.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
rpc_pipe.c
sunrpc: convert to DEFINE_SHOW_ATTRIBUTE
2019-01-02 12:05:49 -05:00
rpcb_clnt.c
sunrpc: convert unnecessary GFP_ATOMIC to GFP_NOFS
2019-01-02 12:05:19 -05:00
sched.c
SUNRPC: Remove redundant calls to RPC_IS_QUEUED()
2019-03-09 16:22:58 -05:00
socklib.c
net: dump more useful information in netdev_rx_csum_fault()
2018-11-15 11:37:04 -08:00
stats.c
sunrpc: whitespace fixes
2018-07-31 12:53:40 -04:00
sunrpc_syms.c
net: Drop pernet_operations::async
2018-03-27 13:18:09 -04:00
sunrpc.h
sunrpc: whitespace fixes
2018-07-31 12:53:40 -04:00
svc_xprt.c
svcrpc: fix unlikely races preventing queueing of sockets
2019-02-06 15:37:14 -05:00
svc.c
SUNRPC: Remove rpc_xprt::tsh_size
2019-02-13 13:14:35 -05:00
svcauth_unix.c
SUNRPC: Make server side AUTH_UNIX use lockless lookups
2018-10-29 16:58:04 -04:00
svcauth.c
SUNRPC: Add lockless lookup of the server's auth domain
2018-10-03 11:32:59 -04:00
svcsock.c
svcrpc: fix UDP on servers with lots of threads
2019-02-21 10:17:36 -05:00
sysctl.c
Remove 'type' argument from access_ok() function
2019-01-03 18:57:57 -08:00
timer.c
net: cleanup unsigned to unsigned int
2012-04-15 12:44:40 -04:00
xdr.c
NFS: Account for XDR pad of buf->pages
2019-02-14 10:13:49 -05:00
xprt.c
SUNRPC: Use the ENOTCONN error on socket disconnect
2019-03-15 13:08:20 -04:00
xprtmultipath.c
SUNRPC: Fix some kernel doc complaints
2019-01-02 12:05:18 -05:00
xprtsock.c
SUNRPC: fix uninitialized variable warning
2019-03-26 13:04:32 -07:00