rpms/kernel/F-10 linux-2.6-nfsd-cred-refcount-fix.patch, NONE, 1.1 kernel.spec, 1.1390, 1.1391

Fri Jul 3 04:09:19 UTC 2009

Author: cebbert

Update of /cvs/pkgs/rpms/kernel/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv32191

Modified Files:
	kernel.spec 
Added Files:
	linux-2.6-nfsd-cred-refcount-fix.patch 
Log Message:
Fix NFSD credential refcounting.

linux-2.6-nfsd-cred-refcount-fix.patch:

--- NEW FILE linux-2.6-nfsd-cred-refcount-fix.patch ---
From: David Howells <dhowells at redhat.com>
Subject: [PATCH] NFSD: Don't hold unrefcounted creds over call to nfsd_setuser()

nfsd_open() gets an unrefcounted pointer to the current process's effective
credentials at the top of the function, then calls nfsd_setuser() via
fh_verify() - which may replace and destroy the current process's effective
credentials - and then passes the unrefcounted pointer to dentry_open() - but
the credentials may have been destroyed by this point.

Instead, the value from current_cred() should be passed directly to
dentry_open() as one of its arguments, rather than being cached in a variable.

Possibly fh_verify() should return the creds to use.

Signed-off-by: David Howells <dhowells at redhat.com>
---

 fs/nfsd/vfs.c |    3 +--
 1 files changed, 1 insertions(+), 2 deletions(-)

diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
index 4145083..23341c1 100644
--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -678,7 +678,6 @@ __be32
 nfsd_open(struct svc_rqst *rqstp, struct svc_fh *fhp, int type,
 			int access, struct file **filp)
 {
-	const struct cred *cred = current_cred();
 	struct dentry	*dentry;
 	struct inode	*inode;
 	int		flags = O_RDONLY|O_LARGEFILE;
@@ -733,7 +732,7 @@ nfsd_open(struct svc_rqst *rqstp, struct svc_fh *fhp, int type,
 		vfs_dq_init(inode);
 	}
 	*filp = dentry_open(dget(dentry), mntget(fhp->fh_export->ex_path.mnt),
-			    flags, cred);
+			    flags, current_cred());
 	if (IS_ERR(*filp))
 		host_err = PTR_ERR(*filp);
 	else


Index: kernel.spec
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/F-10/kernel.spec,v
retrieving revision 1.1390
retrieving revision 1.1391
diff -u -p -r1.1390 -r1.1391
--- kernel.spec	3 Jul 2009 04:05:56 -0000	1.1390
+++ kernel.spec	3 Jul 2009 04:09:19 -0000	1.1391
@@ -718,6 +718,7 @@ Patch9001: squashfs-fixups.patch
 Patch9010: revert-fix-modules_install-via-nfs.patch
 Patch9011: linux-2.6-nfsd-report-short-writes.patch
 Patch9012: linux-2.6-nfsd-report-short-writes-fix.patch
+Patch9013: linux-2.6-nfsd-cred-refcount-fix.patch
 
 #Adding dropmonitor bits from 2.6.30
 Patch9100: linux-2.6-dropwatch-protocol.patch
@@ -1359,6 +1360,8 @@ ApplyPatch revert-fix-modules_install-vi
 ApplyPatch linux-2.6-nfsd-report-short-writes.patch
 # fix the fix (#508095)
 ApplyPatch linux-2.6-nfsd-report-short-writes-fix.patch
+# Fix nfs credential refcounting (F11 #494067)
+ApplyPatch linux-2.6-nfsd-cred-refcount-fix.patch
 
 # Apply dropmonitor protocol bits from 2.6..30 net-next tree
 ApplyPatch linux-2.6-dropwatch-protocol.patch
@@ -1955,6 +1958,9 @@ fi
 %kernel_variant_files -k vmlinux %{with_kdump} kdump
 
 %changelog
+* Fri Jul 03 2009 Chuck Ebbert <cebbert at redhat.com> kernel-2.6.29.6-91
+- Fix NFSD credential refcounting.
+
 * Fri Jul 03 2009 Chuck Ebbert <cebbert at redhat.com> kernel-2.6.29.6-90
 - Linux 2.6.29.6
 - Dropped patches merged in -stable:


