[PATCH AUTOSEL 3.18 05/16] SUNRPC: Fix leak of krb5p encode pages

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Chuck Lever <chuck.lever@oracle.com>,
	stable@kernel.org,
	Trond Myklebust <trond.myklebust@hammerspace.com>,
	Sasha Levin <sashal@kernel.org>,
	linux-nfs@vger.kernel.org, netdev@vger.kernel.org
Subject: [PATCH AUTOSEL 3.18 05/16] SUNRPC: Fix leak of krb5p encode pages
Date: Wed, 12 Dec 2018 23:33:32 -0500	[thread overview]
Message-ID: <20181213043343.76896-5-sashal@kernel.org> (raw)
In-Reply-To: <20181213043343.76896-1-sashal@kernel.org>

From: Chuck Lever <chuck.lever@oracle.com>

[ Upstream commit 8dae5398ab1ac107b1517e8195ed043d5f422bd0 ]

call_encode can be invoked more than once per RPC call. Ensure that
each call to gss_wrap_req_priv does not overwrite pointers to
previously allocated memory.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Cc: stable@kernel.org
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 net/sunrpc/auth_gss/auth_gss.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c
index 81e29f02d28e..7a0e287be77f 100644
--- a/net/sunrpc/auth_gss/auth_gss.c
+++ b/net/sunrpc/auth_gss/auth_gss.c
@@ -1721,6 +1721,7 @@ priv_release_snd_buf(struct rpc_rqst *rqstp)
 	for (i=0; i < rqstp->rq_enc_pages_num; i++)
 		__free_page(rqstp->rq_enc_pages[i]);
 	kfree(rqstp->rq_enc_pages);
+	rqstp->rq_release_snd_buf = NULL;
 }
 
 static int
@@ -1729,6 +1730,9 @@ alloc_enc_pages(struct rpc_rqst *rqstp)
 	struct xdr_buf *snd_buf = &rqstp->rq_snd_buf;
 	int first, last, i;
 
+	if (rqstp->rq_release_snd_buf)
+		rqstp->rq_release_snd_buf(rqstp);
+
 	if (snd_buf->page_len == 0) {
 		rqstp->rq_enc_pages_num = 0;
 		return 0;
-- 
2.19.1

next prev parent reply	other threads:[~2018-12-13  4:35 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-12-13  4:33 [PATCH AUTOSEL 3.18 01/16] scsi: libiscsi: Fix NULL pointer dereference in iscsi_eh_session_reset Sasha Levin
2018-12-13  4:33 ` [PATCH AUTOSEL 3.18 02/16] scsi: vmw_pscsi: Rearrange code to avoid multiple calls to free_irq during unload Sasha Levin
2018-12-13  4:33 ` [PATCH AUTOSEL 3.18 03/16] x86/earlyprintk/efi: Fix infinite loop on some screen widths Sasha Levin
2018-12-13  4:33   ` Sasha Levin
2018-12-13  4:33 ` [PATCH AUTOSEL 3.18 04/16] bonding: fix 802.3ad state sent to partner when unbinding slave Sasha Levin
2018-12-13  4:33 ` Sasha Levin [this message]
2018-12-13  4:33 ` [PATCH AUTOSEL 3.18 06/16] SUNRPC: Fix a potential race in xprt_connect() Sasha Levin
2018-12-13  4:33 ` [PATCH AUTOSEL 3.18 07/16] sbus: char: add of_node_put() Sasha Levin
2018-12-13  4:33   ` Sasha Levin
2018-12-13  4:33 ` [PATCH AUTOSEL 3.18 08/16] drivers/sbus/char: " Sasha Levin
2018-12-13  4:33   ` Sasha Levin
2018-12-13  4:33 ` [PATCH AUTOSEL 3.18 09/16] drivers/tty: add missing of_node_put() Sasha Levin
2018-12-13  4:33   ` Sasha Levin
2018-12-13  4:33 ` [PATCH AUTOSEL 3.18 10/16] ide: pmac: add of_node_put() Sasha Levin
2018-12-13  4:33   ` Sasha Levin
2018-12-13  4:33 ` [PATCH AUTOSEL 3.18 11/16] Input: omap-keypad - fix keyboard debounce configuration Sasha Levin
2018-12-13  4:33 ` [PATCH AUTOSEL 3.18 12/16] libata: whitelist all SAMSUNG MZ7KM* solid-state disks Sasha Levin
2018-12-13  4:33 ` [PATCH AUTOSEL 3.18 13/16] net: 8139cp: fix a BUG triggered by changing mtu with network traffic Sasha Levin
2018-12-13  4:33 ` [PATCH AUTOSEL 3.18 14/16] ARM: 8814/1: mm: improve/fix ARM v7_dma_inv_range() unaligned address handling Sasha Levin
2018-12-13  4:33 ` [PATCH AUTOSEL 3.18 15/16] cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure cifs) Sasha Levin
2018-12-13  4:33 ` [PATCH AUTOSEL 3.18 16/16] i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node Sasha Levin

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:81e29f02d28 dfblob:7a0e287be77 )
 OR (
bs:"[PATCH AUTOSEL 3.18 05/16] SUNRPC: Fix leak of krb5p encode pages" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20181213043343.76896-5-sashal@kernel.org \
    --to=sashal@kernel.org \
    --cc=chuck.lever@oracle.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-nfs@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=stable@kernel.org \
    --cc=stable@vger.kernel.org \
    --cc=trond.myklebust@hammerspace.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.