sunrpc: check that domain table is empty at module unload.

hulk inclusion category: bugfix bugzilla: NA CVE: CVE-2020-12656 --------------------------- The domain table should be empty at module unload. If it isn't there is a bug somewhere. So check and report. Link: https://bugzilla.kernel.org/show_bug.cgi?id=206651Signed-off-by: N NeilBrown <neilb@suse.de> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com> Reviewed-by: N Wenan Mao <maowenan@huawei.com> Reviewed-by: N Jason Yan <yanaijie@huawei.com> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com>

sunrpc: check that domain table is empty at module unload.
hulk inclusion category: bugfix bugzilla: NA CVE: CVE-2020-12656 --------------------------- The domain table should be empty at module unload. If it isn't there is a bug somewhere. So check and report. Link: https://bugzilla.kernel.org/show_bug.cgi?id=206651Signed-off-by: N NeilBrown <neilb@suse.de> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com> Reviewed-by: N Wenan Mao <maowenan@huawei.com> Reviewed-by: N Jason Yan <yanaijie@huawei.com> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com>
4e6cd5e4 · NeilBrown · Yang Yingliang · daa8e53b · 4e6cd5e4 · 4e6cd5e4
隐藏空白更改
内联并排

Showing with 30 addition and 0 deletion

net/sunrpc/sunrpc.h net/sunrpc/sunrpc.h +1 -0

net/sunrpc/sunrpc_syms.c net/sunrpc/sunrpc_syms.c +2 -0

net/sunrpc/svcauth.c net/sunrpc/svcauth.c +27 -0

未找到文件。
--- a/net/sunrpc/sunrpc.h
+++ b/net/sunrpc/sunrpc.h
@@ -56,4 +56,5 @@ int svc_send_common(struct socket *sock, struct xdr_buf *xdr,
 int rpc_clients_notifier_register(void);
 void rpc_clients_notifier_unregister(void);
+void auth_domain_cleanup(void);
 #endif /* _NET_SUNRPC_SUNRPC_H */
--- a/net/sunrpc/sunrpc_syms.c
+++ b/net/sunrpc/sunrpc_syms.c
@@ -22,6 +22,7 @@
 #include <linux/sunrpc/rpc_pipe_fs.h>
 #include <linux/sunrpc/xprtsock.h>
+#include "sunrpc.h"
 #include "netns.h"
 unsigned int sunrpc_net_id;
@@ -130,6 +131,7 @@ cleanup_sunrpc(void)
 	unregister_rpc_pipefs();
 	rpc_destroy_mempool();
 	unregister_pernet_subsys(&sunrpc_net_ops);
+	auth_domain_cleanup();
 #if IS_ENABLED(CONFIG_SUNRPC_DEBUG)
 	rpc_unregister_sysctl();
 #endif

--- a/net/sunrpc/svcauth.c
+++ b/net/sunrpc/svcauth.c
@@ -18,6 +18,10 @@
 #include <linux/err.h>
 #include <linux/hash.h>
+#include <trace/events/sunrpc.h>
+#include "sunrpc.h"
 #define RPCDBG_FACILITY	RPCDBG_AUTH
@@ -170,3 +174,26 @@ struct auth_domain *auth_domain_find(char *name)
 	return auth_domain_lookup(name, NULL);
 }
 EXPORT_SYMBOL_GPL(auth_domain_find);
+/**
+ * auth_domain_cleanup - check that the auth_domain table is empty
+ *
+ * On module unload the auth_domain_table must be empty.  To make it
+ * easier to catch bugs which don't clean up domains properly, we
+ * warn if anything remains in the table at cleanup time.
+ *
+ * Note that we cannot proactively remove the domains at this stage.
+ * The ->release() function might be in a module that has already been
+ * unloaded.
+ */
+void auth_domain_cleanup(void)
+{
+	int h;
+	struct auth_domain *hp;
+	for (h = 0; h < DN_HASHMAX; h++)
+		hlist_for_each_entry(hp, &auth_domain_table[h], hash)
+			pr_warn("svc: domain %s still present at module unload.\n",
+				hp->name);
+}