Received: by 2002:a25:868d:0:0:0:0:0 with SMTP id z13csp1060374ybk;
        Wed, 20 May 2020 20:23:41 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJyZSurEkj0v7z/5fOcFBZsGe5b7pw0Lp0Az8mub/4sGxH1CD+zQJIjxRznLWvxDa6ZJemN6
X-Received: by 2002:a17:906:2e46:: with SMTP id r6mr1724555eji.222.1590031421130;
        Wed, 20 May 2020 20:23:41 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1590031421; cv=none;
        d=google.com; s=arc-20160816;
        b=lLSioHDWTc//TejVlqAAN0rKQ4vfXZ2YfgZXbDAWYFk9GPlXX5dqSDk415pKwyxTUs
         WNA+YbPRh2A/ZZat+16/iODp2JzUb28I7+e8fmAReCSafyDkx0QaGIs/girjDwLtfvWk
         5jiFUTYiF7LStVXgK9Y/m0rnIRL6HgPG98DX3J2XkuQ1W1zilRF5DqGeiIUg96bscGKL
         pLoKe9UDSAkJL9ia5zbICXeOPsHZjaaBvZ8Oq7ZDbWg2Kv9SLl3MNQA6jP9Rn8RYi000
         CQXyJKnc5kNVyEwyMMP+V5sFB9bug9DHx7EG+adoqSAvEDmZNkQbO+wDfYzDbGnWv0P2
         2nPQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :user-agent:message-id:cc:subject:date:to:from;
        bh=CaeRtAB3etUwppMdtNwOvxbXXPp0dP7/a8rQkZVUM9M=;
        b=LtSzDsyX5Iuyj7nFhC+BiJl0HR4cXkb/1P39UMi5W5J77QqBgYuSfNklYijNkX0aTv
         lbLrTCZp2v87eQNqvsJMtthu3YyxZc+RaCQa04ughtNAgkU64iHbxZHp8HbEnsF/2e31
         jXoStDiUlozLKQwULzk2zXfjLPA7LQ7cMraHoNdklJytgmy/A1OYbEwlgkVD+i0Uo2Ev
         dpFyUzmAYXk8GOqy18Mt4Q7OU2HVPoQHLqq4DY2A8Gi+pR+md2PTRZelZrN0YzJexUvU
         jUPPpw/HV61G0QMxW2ZBacYBOdGu3jYRhvVFUUNbmJmBN0EDWHc4U0yqabcAPOPyTcz7
         Zmww==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org
Return-Path: <linux-nfs-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id j5si2681029ejd.723.2020.05.20.20.23.05;
        Wed, 20 May 2020 20:23:41 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727955AbgEUDWy (ORCPT <rfc822;msys.mizuma@gmail.com>
        + 99 others); Wed, 20 May 2020 23:22:54 -0400
Received: from mx2.suse.de ([195.135.220.15]:58918 "EHLO mx2.suse.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1727825AbgEUDWy (ORCPT <rfc822;linux-nfs@vger.kernel.org>);
        Wed, 20 May 2020 23:22:54 -0400
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay2.suse.de (unknown [195.135.220.254])
        by mx2.suse.de (Postfix) with ESMTP id D577CB132;
        Thu, 21 May 2020 03:22:55 +0000 (UTC)
From:   NeilBrown <neilb@suse.de>
To:     "J. Bruce Fields" <bfields@fieldses.org>,
        Chuck Lever <chuck.lever@oracle.com>, kircherlike@outlook.com,
        Stephen Hemminger <stephen@networkplumber.org>
Date:   Thu, 21 May 2020 13:21:41 +1000
Subject: [PATCH 0/3] SUNRPC/svc: fix gss flavour registration problems.
Cc:     linux-nfs@vger.kernel.org
Message-ID: <159003086409.24897.4659128962844846611.stgit@noble>
User-Agent: StGit/0.21
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Sender: linux-nfs-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-nfs.vger.kernel.org>
X-Mailing-List: linux-nfs@vger.kernel.org

As reported in
 https://bugzilla.kernel.org/show_bug.cgi?id=206651
there are problems with sunrpc/svc flavour registration.

This can be demonstrated as a memory-leak if you load the
rpcsec_gss_krb5 module, then unload the sunrpc module and all
dependents.  This action leaks 3 kmalloc-64 slab entires, and some
strings.

The possible consequences are worse.  If only unload rpcsec_gss_krb5
and reload just that, it will allow the old registered flavour handlers
to be used, and they will include pointers into memory which has since
been freed and possibly reused.  This can result in undesired
behaviour.

The first patch makes the leak apparent with a WARNing, the second
prevents it but also prevents module reload, the third removes the
incorrect behaviour so the module can be safely unloaded and reloaded.

I think all are suitable for -stable, but I haven't determined
appropriate 'Fixes:' tags.

NeilBrown

---

NeilBrown (3):
      sunrpc: check that domain table is empty at module unload.
      sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations.
      sunrpc: clean up properly in gss_mech_unregister()


 include/linux/sunrpc/gss_api.h        |    1 +
 include/linux/sunrpc/svcauth_gss.h    |    3 ++-
 net/sunrpc/auth_gss/gss_mech_switch.c |   12 +++++++++---
 net/sunrpc/auth_gss/svcauth_gss.c     |   17 ++++++++++-------
 net/sunrpc/sunrpc.h                   |    1 +
 net/sunrpc/sunrpc_syms.c              |    2 ++
 net/sunrpc/svcauth.c                  |   18 ++++++++++++++++++
 7 files changed, 43 insertions(+), 11 deletions(-)

--
Signature