From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-owner@vger.kernel.org>
Received: from mail.linuxfoundation.org ([140.211.169.12]:45467 "EHLO
	mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752078AbbGaTiI (ORCPT
	<rfc822;stable@vger.kernel.org>); Fri, 31 Jul 2015 15:38:08 -0400
Subject: Patch "nfs: fix potential credential leak in ff_layout_update_mirror_cred" has been added to the 4.1-stable tree
To: jlayton@poochiereds.net, gregkh@linuxfoundation.org,
	jeff.layton@primarydata.com, trond.myklebust@primarydata.com
Cc: <stable@vger.kernel.org>, <stable-commits@vger.kernel.org>
From: <gregkh@linuxfoundation.org>
Date: Fri, 31 Jul 2015 12:38:05 -0700
Message-ID: <143837148565241@kroah.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ANSI_X3.4-1968
Content-Transfer-Encoding: 8bit
Sender: stable-owner@vger.kernel.org
List-ID: <stable.vger.kernel.org>


This is a note to let you know that I've just added the patch titled

    nfs: fix potential credential leak in ff_layout_update_mirror_cred

to the 4.1-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     nfs-fix-potential-credential-leak-in-ff_layout_update_mirror_cred.patch
and it can be found in the queue-4.1 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.


>>From a24221dca1868101c9b4b5adde4a6a5b1a3a64a7 Mon Sep 17 00:00:00 2001
From: Jeff Layton <jlayton@poochiereds.net>
Date: Wed, 24 Jun 2015 12:10:23 -0400
Subject: nfs: fix potential credential leak in ff_layout_update_mirror_cred

From: Jeff Layton <jlayton@poochiereds.net>

commit a24221dca1868101c9b4b5adde4a6a5b1a3a64a7 upstream.

If we have two tasks racing to update a mirror's credentials, then they
can end up leaking one (or more) sets of credentials. The first task
will set mirror->cred and then the second task will just overwrite it.

Use a cmpxchg to ensure that the creds are only set once. If we get to
the point where we would set mirror->cred and find that they're already
set, then we just release the creds that were just found.

Signed-off-by: Jeff Layton <jeff.layton@primarydata.com>
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 fs/nfs/flexfilelayout/flexfilelayoutdev.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

--- a/fs/nfs/flexfilelayout/flexfilelayoutdev.c
+++ b/fs/nfs/flexfilelayout/flexfilelayoutdev.c
@@ -324,7 +324,8 @@ static int ff_layout_update_mirror_cred(
 				__func__, PTR_ERR(cred));
 			return PTR_ERR(cred);
 		} else {
-			mirror->cred = cred;
+			if (cmpxchg(&mirror->cred, NULL, cred))
+				put_rpccred(cred);
 		}
 	}
 	return 0;


Patches currently in stable-queue which might be from jlayton@poochiereds.net are

queue-4.1/nfs-increase-size-of-exchange_id-name-string-buffer.patch
queue-4.1/nfs-always-update-creds-in-mirror-even-when-we-have-an-already-connected-ds.patch
queue-4.1/nfs-fix-potential-credential-leak-in-ff_layout_update_mirror_cred.patch