From patchwork Thu Feb 13 15:19:51 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg Kroah-Hartman X-Patchwork-Id: 231205 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=3.0 tests=DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 87BFBC2BA83 for ; Thu, 13 Feb 2020 16:10:43 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 54C3E206ED for ; Thu, 13 Feb 2020 16:10:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1581610243; bh=UgUBiE+ZkRaMWhlUjKNj+2Tuy86AoWjgnJq2BmuxJRc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=uQwSVcMwd0/W9P2r1AqNYGt/XpruPoZtTGfeJBrYg5SvLCvU0Vk/vPsKoQSvJQ1jj 8F6wxOk537uYhXb74wkJn24A5ZA6/BC5c/5fJk2eMpGRCfHVwJkrvJIB/C8djWgeVt 0gACLiBpbCl3QcUWWKxIucXrJAryenNF+vGKEA08= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727921AbgBMPWe (ORCPT ); Thu, 13 Feb 2020 10:22:34 -0500 Received: from mail.kernel.org ([198.145.29.99]:60128 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727972AbgBMPWe (ORCPT ); Thu, 13 Feb 2020 10:22:34 -0500 Received: from localhost (unknown [104.132.1.104]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 84506246B5; Thu, 13 Feb 2020 15:22:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1581607352; bh=UgUBiE+ZkRaMWhlUjKNj+2Tuy86AoWjgnJq2BmuxJRc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=AtDv5YCwFtBCr95boqw0TSf7kADrhG8SDADWulgsujh9IBpa96Segn1DCvkhI0Unc GAfQOv5+j9j4zoVwIfLPN7ybJM3u+RUt2szTrTaNgaHUlgJG0VFu6k/4IwarCFrjcM 0zoisIkCmdOCXEUgX+RXDKoVJ2UNOv/BYNqJB3t0= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Roberto Bergantinos Corpas , Frank Sorenson , "J. Bruce Fields" Subject: [PATCH 4.4 34/91] sunrpc: expiry_time should be seconds not timeval Date: Thu, 13 Feb 2020 07:19:51 -0800 Message-Id: <20200213151834.880205664@linuxfoundation.org> X-Mailer: git-send-email 2.25.0 In-Reply-To: <20200213151821.384445454@linuxfoundation.org> References: <20200213151821.384445454@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Sender: stable-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Roberto Bergantinos Corpas commit 3d96208c30f84d6edf9ab4fac813306ac0d20c10 upstream. When upcalling gssproxy, cache_head.expiry_time is set as a timeval, not seconds since boot. As such, RPC cache expiry logic will not clean expired objects created under auth.rpcsec.context cache. This has proven to cause kernel memory leaks on field. Using 64 bit variants of getboottime/timespec Expiration times have worked this way since 2010's c5b29f885afe "sunrpc: use seconds since boot in expiry cache". The gssproxy code introduced in 2012 added gss_proxy_save_rsc and introduced the bug. That's a while for this to lurk, but it required a bit of an extreme case to make it obvious. Signed-off-by: Roberto Bergantinos Corpas Cc: stable@vger.kernel.org Fixes: 030d794bf498 "SUNRPC: Use gssproxy upcall for server..." Tested-By: Frank Sorenson Signed-off-by: J. Bruce Fields Signed-off-by: Greg Kroah-Hartman --- net/sunrpc/auth_gss/svcauth_gss.c | 4 ++++ 1 file changed, 4 insertions(+) --- a/net/sunrpc/auth_gss/svcauth_gss.c +++ b/net/sunrpc/auth_gss/svcauth_gss.c @@ -1173,6 +1173,7 @@ static int gss_proxy_save_rsc(struct cac dprintk("RPC: No creds found!\n"); goto out; } else { + struct timespec64 boot; /* steal creds */ rsci.cred = ud->creds; @@ -1193,6 +1194,9 @@ static int gss_proxy_save_rsc(struct cac &expiry, GFP_KERNEL); if (status) goto out; + + getboottime64(&boot); + expiry -= boot.tv_sec; } rsci.h.expiry_time = expiry;