asgardius/android_kernel_motorola_sm6225
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_motorola_sm6225/net/sunrpc
History
J. Bruce Fields b18e44ebe0 rpc: fix NULL dereference on kmalloc failure 
[ Upstream commit 0ddc942394013f08992fc379ca04cffacbbe3dae ]

I think this is unlikely but possible:

svc_authenticate sets rq_authop and calls svcauth_gss_accept.  The
kmalloc(sizeof(*svcdata), GFP_KERNEL) fails, leaving rq_auth_data NULL,
and returning SVC_DENIED.

This causes svc_process_common to go to err_bad_auth, and eventually
call svc_authorise.  That calls ->release == svcauth_gss_release, which
tries to dereference rq_auth_data.

Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Link: https://lore.kernel.org/linux-nfs/3F1B347F-B809-478F-A1E9-0BE98E22B0F0@oracle.com/T/#t
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2021-04-07 12:48:47 +02:00
..
auth_gss rpc: fix NULL dereference on kmalloc failure 2021-04-07 12:48:47 +02:00
xprtrdma svcrdma: disable timeouts on rdma backchannel 2021-03-24 11:07:33 +01:00
addr.c net: sunrpc: interpret the return value of kstrtou32 correctly 2021-01-19 18:22:38 +01:00
auth.c sunrpc: kstrtoul() can also return -ERANGE 2018-07-31 12:53:40 -04:00
auth_generic.c SUNRPC: Fix a bogus get/put in generic_key_to_expire() 2018-12-01 09:37:33 +01:00
auth_null.c net/sunrpc: Make rpc_auth_create_args a const 2018-07-30 13:19:41 -04:00
auth_unix.c net/sunrpc: Make rpc_auth_create_args a const 2018-07-30 13:19:41 -04:00
backchannel_rqst.c sunrpc: whitespace fixes 2018-07-31 12:53:40 -04:00
cache.c sunrpc: fix crash when cache_head become valid before update 2019-12-17 20:35:52 +01:00
clnt.c net :sunrpc :clnt :Fix xps refcount imbalance on the error path 2019-07-14 08:11:15 +02:00
debugfs.c net: Use octal not symbolic permissions 2018-03-26 12:07:48 -04:00
Kconfig IB: Revert "remove redundant INFINIBAND kconfig dependencies" 2018-05-28 10:40:16 -06:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
netns.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
rpc_pipe.c sunrpc: fixed rollback in rpc_gssd_dummy_populate() 2020-06-30 23:17:18 -04:00
rpcb_clnt.c SUNRPC: stop printk reading past end of string 2020-09-23 12:10:58 +02:00
sched.c SUNRPC: Fix priority queue fairness 2019-11-24 08:19:24 +01:00
socklib.c
stats.c sunrpc: whitespace fixes 2018-07-31 12:53:40 -04:00
sunrpc.h sunrpc: whitespace fixes 2018-07-31 12:53:40 -04:00
sunrpc_syms.c net: Drop pernet_operations::async 2018-03-27 13:18:09 -04:00
svc.c sunrpc: fix refcount leak for rpc auth modules 2021-03-24 11:07:33 +01:00
svc_xprt.c NFSD: Repair misuse of sv_lock in 5.10.16-rt30. 2021-03-24 11:07:33 +01:00
svcauth.c
svcauth_unix.c kernel: make groups_sort calling a responsibility group_info allocators 2017-12-14 16:00:49 -08:00
svcsock.c svcrdma: Fix leak of svc_rdma_recv_ctxt objects 2020-05-02 17:25:52 +02:00
sysctl.c
timer.c
xdr.c SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment() 2020-06-30 23:17:18 -04:00
xprt.c SUNRPC: xprt_load_transport() needs to support the netid "rdma6" 2020-12-30 11:25:59 +01:00
xprtmultipath.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xprtsock.c SUNRPC: xprt_load_transport() needs to support the netid "rdma6" 2020-12-30 11:25:59 +01:00