diff options
| author | Bryan Schumaker <bjschuma@netapp.com> | 2011-04-13 14:31:28 -0400 |
|---|---|---|
| committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2011-04-13 15:12:22 -0400 |
| commit | d1a8016a2d1e75021ecc8715e3c81442d7218eb6 (patch) | |
| tree | b2aaef4f3aa4566765c6e3c743c74929a7790af2 | |
| parent | 79a48a1f5d99ab66cf83d2d5d805e7a0e08452ed (diff) | |
NFS: Fix infinite loop in gss_create_upcall()
There can be an infinite loop if gss_create_upcall() is called without
the userspace program running. To prevent this, we return -EACCES if
we notice that pipe_version hasn't changed (indicating that the pipe
has not been opened).
Signed-off-by: Bryan Schumaker <bjschuma@netapp.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| -rw-r--r-- | fs/nfs/nfs4proc.c | 5 | ||||
| -rw-r--r-- | net/sunrpc/auth_gss/auth_gss.c | 8 |
2 files changed, 8 insertions, 5 deletions
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c index 9bf41eab3e46..8a03ee0689f3 100644 --- a/fs/nfs/nfs4proc.c +++ b/fs/nfs/nfs4proc.c | |||
| @@ -2224,8 +2224,9 @@ static int nfs4_proc_get_root(struct nfs_server *server, struct nfs_fh *fhandle, | |||
| 2224 | 2224 | ||
| 2225 | for (i = 0; i < len; i++) { | 2225 | for (i = 0; i < len; i++) { |
| 2226 | status = nfs4_lookup_root_sec(server, fhandle, info, flav_array[i]); | 2226 | status = nfs4_lookup_root_sec(server, fhandle, info, flav_array[i]); |
| 2227 | if (status != -EPERM) | 2227 | if (status == -EPERM || status == -EACCES) |
| 2228 | break; | 2228 | continue; |
| 2229 | break; | ||
| 2229 | } | 2230 | } |
| 2230 | if (status == 0) | 2231 | if (status == 0) |
| 2231 | status = nfs4_server_capabilities(server, fhandle); | 2232 | status = nfs4_server_capabilities(server, fhandle); |
diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c index f3914d0c5079..339ba64cce1e 100644 --- a/net/sunrpc/auth_gss/auth_gss.c +++ b/net/sunrpc/auth_gss/auth_gss.c | |||
| @@ -520,7 +520,7 @@ gss_refresh_upcall(struct rpc_task *task) | |||
| 520 | warn_gssd(); | 520 | warn_gssd(); |
| 521 | task->tk_timeout = 15*HZ; | 521 | task->tk_timeout = 15*HZ; |
| 522 | rpc_sleep_on(&pipe_version_rpc_waitqueue, task, NULL); | 522 | rpc_sleep_on(&pipe_version_rpc_waitqueue, task, NULL); |
| 523 | return 0; | 523 | return -EAGAIN; |
| 524 | } | 524 | } |
| 525 | if (IS_ERR(gss_msg)) { | 525 | if (IS_ERR(gss_msg)) { |
| 526 | err = PTR_ERR(gss_msg); | 526 | err = PTR_ERR(gss_msg); |
| @@ -563,10 +563,12 @@ retry: | |||
| 563 | if (PTR_ERR(gss_msg) == -EAGAIN) { | 563 | if (PTR_ERR(gss_msg) == -EAGAIN) { |
| 564 | err = wait_event_interruptible_timeout(pipe_version_waitqueue, | 564 | err = wait_event_interruptible_timeout(pipe_version_waitqueue, |
| 565 | pipe_version >= 0, 15*HZ); | 565 | pipe_version >= 0, 15*HZ); |
| 566 | if (pipe_version < 0) { | ||
| 567 | warn_gssd(); | ||
| 568 | err = -EACCES; | ||
| 569 | } | ||
| 566 | if (err) | 570 | if (err) |
| 567 | goto out; | 571 | goto out; |
| 568 | if (pipe_version < 0) | ||
| 569 | warn_gssd(); | ||
| 570 | goto retry; | 572 | goto retry; |
| 571 | } | 573 | } |
| 572 | if (IS_ERR(gss_msg)) { | 574 | if (IS_ERR(gss_msg)) { |