| From 3d96208c30f84d6edf9ab4fac813306ac0d20c10 Mon Sep 17 00:00:00 2001 |
| From: Roberto Bergantinos Corpas <rbergant@redhat.com> |
| Date: Tue, 4 Feb 2020 11:32:56 +0100 |
| Subject: sunrpc: expiry_time should be seconds not timeval |
| |
| From: Roberto Bergantinos Corpas <rbergant@redhat.com> |
| |
| commit 3d96208c30f84d6edf9ab4fac813306ac0d20c10 upstream. |
| |
| When upcalling gssproxy, cache_head.expiry_time is set as a |
| timeval, not seconds since boot. As such, RPC cache expiry |
| logic will not clean expired objects created under |
| auth.rpcsec.context cache. |
| |
| This has proven to cause kernel memory leaks on field. Using |
| 64 bit variants of getboottime/timespec |
| |
| Expiration times have worked this way since 2010's c5b29f885afe "sunrpc: |
| use seconds since boot in expiry cache". The gssproxy code introduced |
| in 2012 added gss_proxy_save_rsc and introduced the bug. That's a while |
| for this to lurk, but it required a bit of an extreme case to make it |
| obvious. |
| |
| Signed-off-by: Roberto Bergantinos Corpas <rbergant@redhat.com> |
| Cc: stable@vger.kernel.org |
| Fixes: 030d794bf498 "SUNRPC: Use gssproxy upcall for server..." |
| Tested-By: Frank Sorenson <sorenson@redhat.com> |
| Signed-off-by: J. Bruce Fields <bfields@redhat.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| |
| --- |
| net/sunrpc/auth_gss/svcauth_gss.c | 4 ++++ |
| 1 file changed, 4 insertions(+) |
| |
| --- a/net/sunrpc/auth_gss/svcauth_gss.c |
| +++ b/net/sunrpc/auth_gss/svcauth_gss.c |
| @@ -1224,6 +1224,7 @@ static int gss_proxy_save_rsc(struct cac |
| dprintk("RPC: No creds found!\n"); |
| goto out; |
| } else { |
| + struct timespec64 boot; |
| |
| /* steal creds */ |
| rsci.cred = ud->creds; |
| @@ -1244,6 +1245,9 @@ static int gss_proxy_save_rsc(struct cac |
| &expiry, GFP_KERNEL); |
| if (status) |
| goto out; |
| + |
| + getboottime64(&boot); |
| + expiry -= boot.tv_sec; |
| } |
| |
| rsci.h.expiry_time = expiry; |