[PATCH 5.2 071/162] NFSv4: Fix a credential refcount leak in nfs41_check_delegation_stateid

From: Greg Kroah-Hartman
Date: Tue Aug 27 2019 - 04:10:40 EST

Next message: Greg Kroah-Hartman: "[PATCH 5.2 020/162] spi: pxa2xx: Balance runtime PM enable/disable on error"
Previous message: Greg Kroah-Hartman: "[PATCH 5.2 021/162] bpf: sockmap, sock_map_delete needs to use xchg"
In reply to: Greg Kroah-Hartman: "[PATCH 5.2 021/162] bpf: sockmap, sock_map_delete needs to use xchg"
Next in thread: Greg Kroah-Hartman: "[PATCH 5.2 020/162] spi: pxa2xx: Balance runtime PM enable/disable on error"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ Upstream commit 8c39a39e28b86a4021d9be314ce01019bafa5fdc ]

It is unsafe to dereference delegation outside the rcu lock, and in
any case, the refcount is guaranteed held if cred is non-zero.

Signed-off-by: Trond Myklebust <trond.myklebust@xxxxxxxxxxxxxxx>
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
---
fs/nfs/nfs4proc.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index 63edda145d1b8..420f2350c2781 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -2752,8 +2752,7 @@ static void nfs41_check_delegation_stateid(struct nfs4_state *state)
if (status == -NFS4ERR_EXPIRED || status == -NFS4ERR_BAD_STATEID)
nfs_finish_clear_delegation_stateid(state, &stateid);

- if (delegation->cred)
- put_cred(cred);
+ put_cred(cred);
}

/**
--
2.20.1

Next message: Greg Kroah-Hartman: "[PATCH 5.2 020/162] spi: pxa2xx: Balance runtime PM enable/disable on error"
Previous message: Greg Kroah-Hartman: "[PATCH 5.2 021/162] bpf: sockmap, sock_map_delete needs to use xchg"
In reply to: Greg Kroah-Hartman: "[PATCH 5.2 021/162] bpf: sockmap, sock_map_delete needs to use xchg"
Next in thread: Greg Kroah-Hartman: "[PATCH 5.2 020/162] spi: pxa2xx: Balance runtime PM enable/disable on error"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]