sunrpc: expiry_time should be seconds not timeval

stable inclusion from linux-4.19.103 commit a90c2c5e8c01c50b6ba026742d0bfd3299b42d26 -------------------------------- commit 3d96208c upstream. When upcalling gssproxy, cache_head.expiry_time is set as a timeval, not seconds since boot. As such, RPC cache expiry logic will not clean expired objects created under auth.rpcsec.context cache. This has proven to cause kernel memory leaks on field. Using 64 bit variants of getboottime/timespec Expiration times have worked this way since 2010's c5b29f88 "sunrpc: use seconds since boot in expiry cache". The gssproxy code introduced in 2012 added gss_proxy_save_rsc and introduced the bug. That's a while for this to lurk, but it required a bit of an extreme case to make it obvious. Signed-off-by: N Roberto Bergantinos Corpas <rbergant@redhat.com> Cc: stable@vger.kernel.org Fixes: 030d794b "SUNRPC: Use gssproxy upcall for server..." Tested-By: N Frank Sorenson <sorenson@redhat.com> Signed-off-by: N J. Bruce Fields <bfields@redhat.com> Signed-off-by: N Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com> Signed-off-by: N Li Aichun <liaichun@huawei.com> Reviewed-by: N guodeqing <geffrey.guo@huawei.com> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com>

sunrpc: expiry_time should be seconds not timeval
stable inclusion from linux-4.19.103 commit a90c2c5e8c01c50b6ba026742d0bfd3299b42d26 -------------------------------- commit 3d96208c upstream. When upcalling gssproxy, cache_head.expiry_time is set as a timeval, not seconds since boot. As such, RPC cache expiry logic will not clean expired objects created under auth.rpcsec.context cache. This has proven to cause kernel memory leaks on field. Using 64 bit variants of getboottime/timespec Expiration times have worked this way since 2010's c5b29f88 "sunrpc: use seconds since boot in expiry cache". The gssproxy code introduced in 2012 added gss_proxy_save_rsc and introduced the bug. That's a while for this to lurk, but it required a bit of an extreme case to make it obvious. Signed-off-by: N Roberto Bergantinos Corpas <rbergant@redhat.com> Cc: stable@vger.kernel.org Fixes: 030d794b "SUNRPC: Use gssproxy upcall for server..." Tested-By: N Frank Sorenson <sorenson@redhat.com> Signed-off-by: N J. Bruce Fields <bfields@redhat.com> Signed-off-by: N Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com> Signed-off-by: N Li Aichun <liaichun@huawei.com> Reviewed-by: N guodeqing <geffrey.guo@huawei.com> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com>
29e3dcdb · Roberto Bergantinos Corpas · Yang Yingliang · 386d5303 · 29e3dcdb
隐藏空白更改
内联并排

Showing with 4 addition and 0 deletion

net/sunrpc/auth_gss/svcauth_gss.c net/sunrpc/auth_gss/svcauth_gss.c +4 -0

未找到文件。
--- a/net/sunrpc/auth_gss/svcauth_gss.c
+++ b/net/sunrpc/auth_gss/svcauth_gss.c
@@ -1192,6 +1192,7 @@ static int gss_proxy_save_rsc(struct cache_detail *cd,
 		dprintk("RPC:       No creds found!\n");
 		goto out;
 	} else {
+		struct timespec64 boot;

 		/* steal creds */
 		rsci.cred = ud->creds;
@@ -1212,6 +1213,9 @@ static int gss_proxy_save_rsc(struct cache_detail *cd,
 						&expiry, GFP_KERNEL);
 		if (status)
 			goto out;
+
+		getboottime64(&boot);
+		expiry -= boot.tv_sec;
 	}

 	rsci.h.expiry_time = expiry;