Message-ID: <20121019231518.GE13292@decadent.org.uk>
Date: Sat, 20 Oct 2012 00:15:18 +0100
From: Ben Hutchings <ben@...adent.org.uk>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: linux-kernel@...r.kernel.org, stable@...r.kernel.org,
alan@...rguk.ukuu.org.uk,
Stanislav Kinsbursky <skinsbursky@...allels.com>,
Trond Myklebust <Trond.Myklebust@...app.com>
Subject: Re: [ 02/37] lockd: use rpc clients cl_nodename for id encoding
On Thu, Oct 18, 2012 at 08:16:25PM -0700, Greg Kroah-Hartman wrote:
> 3.0-stable review patch. If anyone has any objections, please let me know.
>
> ------------------
>
> From: Stanislav Kinsbursky <skinsbursky@...allels.com>
>
> commit 303a7ce92064c285a04c870f2dc0192fdb2968cb upstream.
>
> Taking hostname from uts namespace is not safe, because this could be
> performed during umount operation on child reaper death. And in this case
> current->nsproxy is NULL already.

In this case (3.0.y) you haven't included the following change
(commit cb7323fffa85 'lockd: create and use per-net NSM RPC clients on
MON/UNMON requests') that makes lockd actually use cl_nodename. I
think this patch alone won't fix the bug, as nsm_args::nodename can
end up pointing to freed memory.

(I also wonder whether clients should really be per-net or per UTS
namespace, and whether those should be orthogonal namespaces at all.)

Ben.

[....]
> --- a/fs/lockd/mon.c
> +++ b/fs/lockd/mon.c
> @@ -40,6 +40,7 @@ struct nsm_args {
> u32 proc;
>
> char *mon_name;
> + char *nodename;
> };
>
> struct nsm_res {
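Review bot: the new `char *nodename` member of struct nsm_args is a borrowed pointer with no statement of who owns the string or how long it must stay valid. The only consumer shown, encode_my_id, just reads it, so declare it `const char *nodename` and add a comment that the string must stay valid until the arguments have been encoded. That makes the lifetime requirement visible to whoever fills the struct in.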
> @@ -93,6 +94,7 @@ static int nsm_mon_unmon(struct nsm_hand
> .vers = 3,
> .proc = NLMPROC_NSM_NOTIFY,
> .mon_name = nsm->sm_mon_name,
> + .nodename = utsname()->nodename,
> };
> struct rpc_message msg = {
> .rpc_argp = &args,
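Review bot: `.nodename = utsname()->nodename` in the args initializer still fetches the name through utsname(), which goes through current->nsproxy, the pointer the commit message says is already NULL on the umount path. As shown, the dereference has only moved from encode_my_id to nsm_mon_unmon, and nothing in this hunk uses the RPC client's cl_nodename that the subject line names. Either take the name from the client here, or queue the change that does so together with this one so the series is not applied half-done.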
> @@ -429,7 +431,7 @@ static void encode_my_id(struct xdr_stre
> {
> __be32 *p;
>
> - encode_nsm_string(xdr, utsname()->nodename);
> + encode_nsm_string(xdr, argp->nodename);
> p = xdr_reserve_space(xdr, 4 + 4 + 4);
> *p++ = cpu_to_be32(argp->prog);
> *p++ = cpu_to_be32(argp->vers);
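Review bot: encode_my_id now passes `argp->nodename` to encode_nsm_string unchecked, so correctness depends on every nsm_args initializer setting the new field. Only one initializer is visible in this patch; any other that leaves `nodename` unset would hand a NULL pointer to the encoder. Worth confirming there is no other place that builds an nsm_args, or documenting on the struct that the field is mandatory.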
--
Ben Hutchings
We get into the habit of living before acquiring the habit of thinking.
- Albert Camus