From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
Roberto Bergantinos Corpas <rbergant@redhat.com>,
Frank Sorenson <sorenson@redhat.com>,
"J. Bruce Fields" <bfields@redhat.com>
Subject: [PATCH 4.9 043/116] sunrpc: expiry_time should be seconds not timeval
Date: Thu, 13 Feb 2020 07:19:47 -0800 [thread overview]
Message-ID: <20200213151859.743949173@linuxfoundation.org> (raw)
In-Reply-To: <20200213151842.259660170@linuxfoundation.org>
From: Roberto Bergantinos Corpas <rbergant@redhat.com>
commit 3d96208c30f84d6edf9ab4fac813306ac0d20c10 upstream.
When upcalling gssproxy, cache_head.expiry_time is set as a
timeval, not seconds since boot. As such, RPC cache expiry
logic will not clean expired objects created under
auth.rpcsec.context cache.
This has proven to cause kernel memory leaks on field. Using
64 bit variants of getboottime/timespec
Expiration times have worked this way since 2010's c5b29f885afe "sunrpc:
use seconds since boot in expiry cache". The gssproxy code introduced
in 2012 added gss_proxy_save_rsc and introduced the bug. That's a while
for this to lurk, but it required a bit of an extreme case to make it
obvious.
Signed-off-by: Roberto Bergantinos Corpas <rbergant@redhat.com>
Cc: stable@vger.kernel.org
Fixes: 030d794bf498 "SUNRPC: Use gssproxy upcall for server..."
Tested-By: Frank Sorenson <sorenson@redhat.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
net/sunrpc/auth_gss/svcauth_gss.c | 4 ++++
1 file changed, 4 insertions(+)
--- a/net/sunrpc/auth_gss/svcauth_gss.c
+++ b/net/sunrpc/auth_gss/svcauth_gss.c
@@ -1180,6 +1180,7 @@ static int gss_proxy_save_rsc(struct cac
dprintk("RPC: No creds found!\n");
goto out;
} else {
+ struct timespec64 boot;
/* steal creds */
rsci.cred = ud->creds;
@@ -1200,6 +1201,9 @@ static int gss_proxy_save_rsc(struct cac
&expiry, GFP_KERNEL);
if (status)
goto out;
+
+ getboottime64(&boot);
+ expiry -= boot.tv_sec;
}
rsci.h.expiry_time = expiry;
next prev parent reply other threads:[~2020-02-13 16:05 UTC|newest]
Thread overview: 129+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-13 15:19 [PATCH 4.9 000/116] 4.9.214-stable review Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 001/116] media: iguanair: fix endpoint sanity check Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 002/116] x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 003/116] sparc32: fix struct ipc64_perm type definition Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 004/116] ASoC: qcom: Fix of-node refcount unbalance to link->codec_of_node Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 005/116] cls_rsvp: fix rsvp_policy Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 006/116] gtp: use __GFP_NOWARN to avoid memalloc warning Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 007/116] net: hsr: fix possible NULL deref in hsr_handle_frame() Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 008/116] net_sched: fix an OOB access in cls_tcindex Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 009/116] rxrpc: Fix insufficient receive notification generation Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 010/116] rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 011/116] tcp: clear tp->total_retrans in tcp_disconnect() Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 012/116] tcp: clear tp->delivered " Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 013/116] tcp: clear tp->data_segs{in|out} " Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 014/116] tcp: clear tp->segs_{in|out} " Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 015/116] media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 016/116] mfd: dln2: More sanity checking for endpoints Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 017/116] brcmfmac: Fix memory leak in brcmf_usbdev_qinit Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 018/116] usb: gadget: legacy: set max_speed to super-speed Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 019/116] usb: gadget: f_ncm: Use atomic_t to track in-flight request Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 020/116] usb: gadget: f_ecm: " Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 021/116] ALSA: dummy: Fix PCM format loop in proc output Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 022/116] media/v4l2-core: set pages dirty upon releasing DMA buffers Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 023/116] media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 024/116] lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more() Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 025/116] powerpc/pseries: Advance pfn if section is not present in lmb_is_removable() Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 026/116] mmc: spi: Toggle SPI polarity, do not hardcode it Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 027/116] PCI: keystone: Fix link training retries initiation Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 028/116] ubifs: Change gfp flags in page allocation for bulk read Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 029/116] ubifs: Fix deadlock in concurrent bulk-read and writepage Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 030/116] crypto: api - Check spawn->alg under lock in crypto_drop_spawn Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 031/116] scsi: qla2xxx: Fix mtcp dump collection failure Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 032/116] power: supply: ltc2941-battery-gauge: fix use-after-free Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 033/116] of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 034/116] dm space map common: fix to ensure new block isnt already in use Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 035/116] padata: Remove broken queue flushing Greg Kroah-Hartman
2020-02-14 21:48 ` [PATCH v2 4.9] " Daniel Jordan
2020-02-13 15:19 ` [PATCH 4.9 036/116] crypto: pcrypt - Do not clear MAY_SLEEP flag in original request Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 037/116] crypto: atmel-aes - Fix counter overflow in CTR mode Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 038/116] crypto: api - Fix race condition in crypto_spawn_alg Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 039/116] crypto: picoxcell - adjust the position of tasklet_init and fix missed tasklet_kill Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 040/116] btrfs: set trans->drity in btrfs_commit_transaction Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 041/116] ARM: tegra: Enable PLLP bypass during Tegra124 LP1 Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 042/116] mwifiex: fix unbalanced locking in mwifiex_process_country_ie() Greg Kroah-Hartman
2020-02-13 15:19 ` Greg Kroah-Hartman [this message]
2020-02-13 15:19 ` [PATCH 4.9 044/116] KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 045/116] KVM: x86: Protect DR-based index computations from " Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 046/116] KVM: x86: Protect kvm_lapic_reg_write() " Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 047/116] KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() " Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 048/116] KVM: x86: Protect ioapic_write_indirect() " Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 049/116] KVM: x86: Protect MSR-based index computations in pmu.h " Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 050/116] KVM: x86: Protect ioapic_read_indirect() " Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 051/116] KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 052/116] KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 053/116] KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit() " Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 054/116] KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails Greg Kroah-Hartman
2020-02-13 15:19 ` [PATCH 4.9 055/116] KVM: PPC: Book3S PR: Free shared page if mmu initialization fails Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 056/116] KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 057/116] clk: tegra: Mark fuse clock as critical Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 058/116] scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 059/116] scsi: csiostor: Adjust indentation in csio_device_reset Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 060/116] scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 061/116] ext2: Adjust indentation in ext2_fill_super Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 062/116] powerpc/44x: Adjust indentation in ibm4xx_denali_fixup_memsize Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 063/116] NFC: pn544: Adjust indentation in pn544_hci_check_presence Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 064/116] ppp: Adjust indentation into ppp_async_input Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 065/116] net: smc911x: Adjust indentation in smc911x_phy_configure Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 066/116] net: tulip: Adjust indentation in {dmfe, uli526x}_init_module Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 067/116] IB/mlx5: Fix outstanding_pi index for GSI qps Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 068/116] nfsd: fix delay timer on 32-bit architectures Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 069/116] nfsd: fix jiffies/time_t mixup in LRU list Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 070/116] ubi: fastmap: Fix inverted logic in seen selfcheck Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 071/116] ubi: Fix an error pointer dereference in error handling code Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 072/116] mfd: da9062: Fix watchdog compatible string Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 073/116] mfd: rn5t618: Mark ADC control register volatile Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 074/116] net: systemport: Avoid RBUF stuck in Wake-on-LAN mode Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 075/116] bonding/alb: properly access headers in bond_alb_xmit() Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 076/116] NFS: switch back to to ->iterate() Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 077/116] NFS: Fix memory leaks and corruption in readdir Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 078/116] NFS: Fix bool initialization/comparison Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 079/116] NFS: Directory page cache pages need to be locked when read Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 080/116] ext4: fix deadlock allocating crypto bounce page from mempool Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 081/116] Btrfs: fix assertion failure on fsync with NO_HOLES enabled Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 082/116] btrfs: use bool argument in free_root_pointers() Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 083/116] btrfs: free block groups after freeing fs trees Greg Kroah-Hartman
2020-02-13 20:55 ` David Sterba
2020-02-13 22:59 ` Greg Kroah-Hartman
2020-02-14 1:13 ` Sasha Levin
2020-02-13 15:20 ` [PATCH 4.9 084/116] btrfs: remove trivial locking wrappers of tree mod log Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 085/116] Btrfs: fix race between adding and putting tree mod seq elements and nodes Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 086/116] drm: atmel-hlcdc: enable clock before configuring timing engine Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 087/116] drm/dp_mst: Remove VCPI while disabling topology mgr Greg Kroah-Hartman
2020-02-14 17:38 ` Lyude Paul
2020-02-14 21:11 ` Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 088/116] KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 089/116] btrfs: flush write bio if we loop in extent_write_cache_pages Greg Kroah-Hartman
2020-02-13 21:01 ` David Sterba
2020-02-14 1:19 ` Sasha Levin
2020-02-13 15:20 ` [PATCH 4.9 090/116] KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 091/116] KVM: VMX: Add non-canonical check on writes to RTIT address MSRs Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 092/116] KVM: nVMX: vmread should not set rflags to specify success in case of #PF Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 093/116] cifs: fail i/o on soft mounts if sessionsetup errors out Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 094/116] clocksource: Prevent double add_timer_on() for watchdog_timer Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 095/116] perf/core: Fix mlock accounting in perf_mmap() Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 096/116] rxrpc: Fix service call disconnection Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 097/116] ASoC: pcm: update FE/BE trigger order based on the command Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 098/116] RDMA/netlink: Do not always generate an ACK for some netlink operations Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 099/116] scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 100/116] PCI: Dont disable bridge BARs when assigning bus resources Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 101/116] nfs: NFS_SWAP should depend on SWAP Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 102/116] NFSv4: try lease recovery on NFS4ERR_EXPIRED Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 103/116] rtc: hym8563: Return -EINVAL if the time is known to be invalid Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 104/116] rtc: cmos: Stop using shared IRQ Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 105/116] ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 106/116] ARM: dts: at91: sama5d3: fix maximum peripheral clock rates Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 107/116] ARM: dts: at91: sama5d3: define clock rate range for tcb1 Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 108/116] tools/power/acpi: fix compilation error Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 109/116] powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 110/116] pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 111/116] scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 112/116] dm: fix potential for q->make_request_fn NULL pointer Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 113/116] mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 114/116] mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() Greg Kroah-Hartman
2020-02-13 15:20 ` [PATCH 4.9 115/116] libertas: dont exit from lbs_ibss_join_existing() with RCU read lock held Greg Kroah-Hartman
2020-02-13 15:21 ` [PATCH 4.9 116/116] libertas: make lbs_ibss_join_existing() return error code on rates overflow Greg Kroah-Hartman
2020-02-14 1:21 ` [PATCH 4.9 000/116] 4.9.214-stable review shuah
2020-02-14 5:26 ` Guenter Roeck
2020-02-14 10:13 ` Naresh Kamboju
2020-02-14 10:26 ` Jon Hunter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200213151859.743949173@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=bfields@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=rbergant@redhat.com \
--cc=sorenson@redhat.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).