mbox series

[0/3] SUNRPC/svc: fix gss flavour registration problems.

Message ID 159003086409.24897.4659128962844846611.stgit@noble (mailing list archive)
Headers show
Series SUNRPC/svc: fix gss flavour registration problems. | expand

Message

NeilBrown May 21, 2020, 3:21 a.m. UTC
As reported in
 https://bugzilla.kernel.org/show_bug.cgi?id=206651
there are problems with sunrpc/svc flavour registration.

This can be demonstrated as a memory-leak if you load the
rpcsec_gss_krb5 module, then unload the sunrpc module and all
dependents.  This action leaks 3 kmalloc-64 slab entires, and some
strings.

The possible consequences are worse.  If only unload rpcsec_gss_krb5
and reload just that, it will allow the old registered flavour handlers
to be used, and they will include pointers into memory which has since
been freed and possibly reused.  This can result in undesired
behaviour.

The first patch makes the leak apparent with a WARNing, the second
prevents it but also prevents module reload, the third removes the
incorrect behaviour so the module can be safely unloaded and reloaded.

I think all are suitable for -stable, but I haven't determined
appropriate 'Fixes:' tags.

NeilBrown

---

NeilBrown (3):
      sunrpc: check that domain table is empty at module unload.
      sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations.
      sunrpc: clean up properly in gss_mech_unregister()


 include/linux/sunrpc/gss_api.h        |    1 +
 include/linux/sunrpc/svcauth_gss.h    |    3 ++-
 net/sunrpc/auth_gss/gss_mech_switch.c |   12 +++++++++---
 net/sunrpc/auth_gss/svcauth_gss.c     |   17 ++++++++++-------
 net/sunrpc/sunrpc.h                   |    1 +
 net/sunrpc/sunrpc_syms.c              |    2 ++
 net/sunrpc/svcauth.c                  |   18 ++++++++++++++++++
 7 files changed, 43 insertions(+), 11 deletions(-)

--
Signature