linux/net/sunrpc/auth_gss
Laura Abbott 8b89affb42 sunrpc: Don't use stack buffer with scatterlist
[ Upstream commit 44090cc876 ]

Fedora got a bug report from NFS:

kernel BUG at include/linux/scatterlist.h:143!
...
RIP: 0010:sg_init_one+0x7d/0x90
..
  make_checksum+0x4e7/0x760 [rpcsec_gss_krb5]
  gss_get_mic_kerberos+0x26e/0x310 [rpcsec_gss_krb5]
  gss_marshal+0x126/0x1a0 [auth_rpcgss]
  ? __local_bh_enable_ip+0x80/0xe0
  ? call_transmit_status+0x1d0/0x1d0 [sunrpc]
  call_transmit+0x137/0x230 [sunrpc]
  __rpc_execute+0x9b/0x490 [sunrpc]
  rpc_run_task+0x119/0x150 [sunrpc]
  nfs4_run_exchange_id+0x1bd/0x250 [nfsv4]
  _nfs4_proc_exchange_id+0x2d/0x490 [nfsv4]
  nfs41_discover_server_trunking+0x1c/0xa0 [nfsv4]
  nfs4_discover_server_trunking+0x80/0x270 [nfsv4]
  nfs4_init_client+0x16e/0x240 [nfsv4]
  ? nfs_get_client+0x4c9/0x5d0 [nfs]
  ? _raw_spin_unlock+0x24/0x30
  ? nfs_get_client+0x4c9/0x5d0 [nfs]
  nfs4_set_client+0xb2/0x100 [nfsv4]
  nfs4_create_server+0xff/0x290 [nfsv4]
  nfs4_remote_mount+0x28/0x50 [nfsv4]
  mount_fs+0x3b/0x16a
  vfs_kern_mount.part.35+0x54/0x160
  nfs_do_root_mount+0x7f/0xc0 [nfsv4]
  nfs4_try_mount+0x43/0x70 [nfsv4]
  ? get_nfs_version+0x21/0x80 [nfs]
  nfs_fs_mount+0x789/0xbf0 [nfs]
  ? pcpu_alloc+0x6ca/0x7e0
  ? nfs_clone_super+0x70/0x70 [nfs]
  ? nfs_parse_mount_options+0xb40/0xb40 [nfs]
  mount_fs+0x3b/0x16a
  vfs_kern_mount.part.35+0x54/0x160
  do_mount+0x1fd/0xd50
  ksys_mount+0xba/0xd0
  __x64_sys_mount+0x21/0x30
  do_syscall_64+0x60/0x1f0
  entry_SYSCALL_64_after_hwframe+0x49/0xbe

This is BUG_ON(!virt_addr_valid(buf)) triggered by using a stack
allocated buffer with a scatterlist. Convert the buffer for
rc4salt to be dynamically allocated instead.

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1615258
Signed-off-by: Laura Abbott <labbott@redhat.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-09-15 09:45:26 +02:00
auth_gss.c net, sunrpc: convert gss_upcall_msg.count from atomic_t to refcount_t 2017-07-04 22:35:17 +01:00
gss_generic_token.c sunrpc: eliminate RPC_DEBUG 2014-11-24 17:31:46 -05:00
gss_krb5_crypto.c sunrpc: Don't use stack buffer with scatterlist 2018-09-15 09:45:26 +02:00
gss_krb5_keys.c sunrpc: Use skcipher and ahash/shash 2016-01-27 20:36:01 +08:00
gss_krb5_mech.c sunrpc: GFP_KERNEL should be GFP_NOFS in crypto code 2016-11-01 15:47:52 -04:00
gss_krb5_seal.c sunrpc: eliminate RPC_DEBUG 2014-11-24 17:31:46 -05:00
gss_krb5_seqnum.c sunrpc: Use skcipher and ahash/shash 2016-01-27 20:36:01 +08:00
gss_krb5_unseal.c sunrpc: eliminate RPC_DEBUG 2014-11-24 17:31:46 -05:00
gss_krb5_wrap.c mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros 2016-04-04 10:41:08 -07:00
gss_mech_switch.c xprtrdma: No direct data placement with krb5i and krb5p 2016-07-11 15:50:43 -04:00
gss_rpc_upcall.c sunrpc: mark all struct rpc_procinfo instances as const 2017-07-13 15:57:57 -04:00
gss_rpc_upcall.h Merge branch 'nfs-for-next' of git://linux-nfs.org/~trondmy/nfs-2.6 into for-3.10 2013-04-29 16:23:34 -04:00
gss_rpc_xdr.c kernel: make groups_sort calling a responsibility group_info allocators 2017-12-20 10:10:18 +01:00
gss_rpc_xdr.h sunrpc/auth_gss: fix decoder callback prototypes 2017-07-13 15:57:55 -04:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
svcauth_gss.c kernel: make groups_sort calling a responsibility group_info allocators 2017-12-20 10:10:18 +01:00