Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 833684 Details for
Bug 1038315
RHEL6.5: kernel 2.6.32-431.el6 + openafs 1.6.5.1 panics with RIP cache_alloc_refill called from getname, names_cache corrupted
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
patch -- stop trying to use getname/putname
0001-Linux-stop-trying-to-use-getname-putname.patch (text/plain), 3.76 KB, created by
Jeff Layton
on 2013-12-06 17:00:08 UTC
(
hide
)
Description:
patch -- stop trying to use getname/putname
Filename:
MIME Type:
Creator:
Jeff Layton
Created:
2013-12-06 17:00:08 UTC
Size:
3.76 KB
patch
obsolete
>From ddab3849de6654af8f512fbc32538767e2c0047e Mon Sep 17 00:00:00 2001 >From: Jeff Layton <jlayton@redhat.com> >Date: Fri, 6 Dec 2013 11:45:47 -0500 >Subject: [PATCH] Linux: stop trying to use getname/putname > >The current code has afs_putname defined as > > kmem_cache_free(names_cachep, (void *)name); > >This is wrong and will cause a double-free when syscall auditing is >enabled. Fix it to call putname properly. > >Instead of that, just create a new afs_getname function that doesn't >bother with struct filename at all, and use that unconditionally. > >Signed-off-by: Jeff Layton <jlayton@redhat.com> >--- > src/afs/LINUX/osi_compat.h | 26 ----------------------- > src/afs/LINUX/osi_misc.c | 51 ++++++++++++++++++++++++++++++++++------------ > 2 files changed, 38 insertions(+), 39 deletions(-) > >diff --git a/src/afs/LINUX/osi_compat.h b/src/afs/LINUX/osi_compat.h >index 105a7e9..e9e5076 100644 >--- a/src/afs/LINUX/osi_compat.h >+++ b/src/afs/LINUX/osi_compat.h >@@ -555,32 +555,6 @@ afs_dentry_open(struct dentry *dp, struct vfsmount *mnt, int flags, const struct > } > #endif > >-#if !defined(STRUCT_FILENAME_HAS_NAME) >-typedef char *afs_name_t; >- >-static inline char * >-afs_name_to_string(afs_name_t s) { >- return (char *)s; >-} >- >-static inline void >-afs_putname(afs_name_t name) { >- putname((char *)name); >-} >-#else >-typedef struct filename *afs_name_t; >- >-static inline char * >-afs_name_to_string(afs_name_t s) { >- return (char *)s->name; >-} >- >-static inline void >-afs_putname(afs_name_t name) { >- kmem_cache_free(names_cachep, (void *)name); >-} >-#endif >- > static inline int > afs_truncate(struct inode *inode, int len) > { >diff --git a/src/afs/LINUX/osi_misc.c b/src/afs/LINUX/osi_misc.c >index 879f7a1..3ff3f48 100644 >--- a/src/afs/LINUX/osi_misc.c >+++ b/src/afs/LINUX/osi_misc.c >@@ -77,26 +77,52 @@ osi_lookupname_internal(char *aname, int followlink, struct vfsmount **mnt, > return code; > } > >+/* FIXME: shouldn't the aname pointer have a __user annotation? */ >+static char * >+afs_getname(char *aname) >+{ >+ int len, err; >+ char *name = kmem_cache_alloc(names_cachep, GFP_KERNEL); >+ >+ if (!name) >+ return ERR_PTR(-ENOMEM); >+ >+ len = strncpy_from_user(name, uname, PATH_MAX); >+ if (len < 0) >+ goto error; >+ if (len >= PATH_MAX) { >+ len = -ENAMETOOLONG; >+ goto error; >+ } >+error: >+ kmem_cache_free(name); >+ return ERR_PTR(len); >+} >+ >+static void >+afs_putname(char *name) >+{ >+ kmem_cache_free(name); >+} >+ > int > osi_lookupname(char *aname, uio_seg_t seg, int followlink, > struct dentry **dpp) > { > int code; >- afs_name_t tname = NULL; > char *name; > > code = ENOENT; > if (seg == AFS_UIOUSER) { >- tname = getname(aname); >- if (IS_ERR(tname)) >- return PTR_ERR(tname); >- name = afs_name_to_string(tname); >+ name = afs_getname(aname); >+ if (IS_ERR(name)) >+ return PTR_ERR(name); > } else { > name = aname; > } > code = osi_lookupname_internal(name, followlink, NULL, dpp); > if (seg == AFS_UIOUSER) { >- afs_putname(tname); >+ afs_putname(name); > } > return code; > } >@@ -106,15 +132,14 @@ int osi_abspath(char *aname, char *buf, int buflen, > { > struct dentry *dp = NULL; > struct vfsmount *mnt = NULL; >- afs_name_t tname; >- char *path; >+ char *name, *path; > int code; > > code = ENOENT; >- tname = getname(aname); >- if (IS_ERR(tname)) >- return -PTR_ERR(tname); >- code = osi_lookupname_internal(afs_name_to_string(tname), followlink, &mnt, &dp); >+ name = afs_getname(aname); >+ if (IS_ERR(name)) >+ return -PTR_ERR(name); >+ code = osi_lookupname_internal(name, followlink, &mnt, &dp); > if (!code) { > #if defined(D_PATH_TAKES_STRUCT_PATH) > afs_linux_path_t p = { mnt, dp }; >@@ -133,7 +158,7 @@ int osi_abspath(char *aname, char *buf, int buflen, > mntput(mnt); > } > >- afs_putname(tname); >+ afs_putname(name); > return code; > } > >-- >1.8.4.2 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=833684">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1038315
:
833301
| 833684