• Laura Abbott's avatar
    sunrpc: Don't use stack buffer with scatterlist · 44090cc8
    Laura Abbott authored
    Fedora got a bug report from NFS:
    
    kernel BUG at include/linux/scatterlist.h:143!
    ...
    RIP: 0010:sg_init_one+0x7d/0x90
    ..
      make_checksum+0x4e7/0x760 [rpcsec_gss_krb5]
      gss_get_mic_kerberos+0x26e/0x310 [rpcsec_gss_krb5]
      gss_marshal+0x126/0x1a0 [auth_rpcgss]
      ? __local_bh_enable_ip+0x80/0xe0
      ? call_transmit_status+0x1d0/0x1d0 [sunrpc]
      call_transmit+0x137/0x230 [sunrpc]
      __rpc_execute+0x9b/0x490 [sunrpc]
      rpc_run_task+0x119/0x150 [sunrpc]
      nfs4_run_exchange_id+0x1bd/0x250 [nfsv4]
      _nfs4_proc_exchange_id+0x2d/0x490 [nfsv4]
      nfs41_discover_server_trunking+0x1c/0xa0 [nfsv4]
      nfs4_discover_server_trunking+0x80/0x270 [nfsv4]
      nfs4_init_client+0x16e/0x240 [nfsv4]
      ? nfs_get_client+0x4c9/0x5d0 [nfs]
      ? _raw_spin_unlock+0x24/0x30
      ? nfs_get_client+0x4c9/0x5d0 [nfs]
      nfs4_set_client+0xb2/0x100 [nfsv4]
      nfs4_create_server+0xff/0x290 [nfsv4]
      nfs4_remote_mount+0x28/0x50 [nfsv4]
      mount_fs+0x3b/0x16a
      vfs_kern_mount.part.35+0x54/0x160
      nfs_do_root_mount+0x7f/0xc0 [nfsv4]
      nfs4_try_mount+0x43/0x70 [nfsv4]
      ? get_nfs_version+0x21/0x80 [nfs]
      nfs_fs_mount+0x789/0xbf0 [nfs]
      ? pcpu_alloc+0x6ca/0x7e0
      ? nfs_clone_super+0x70/0x70 [nfs]
      ? nfs_parse_mount_options+0xb40/0xb40 [nfs]
      mount_fs+0x3b/0x16a
      vfs_kern_mount.part.35+0x54/0x160
      do_mount+0x1fd/0xd50
      ksys_mount+0xba/0xd0
      __x64_sys_mount+0x21/0x30
      do_syscall_64+0x60/0x1f0
      entry_SYSCALL_64_after_hwframe+0x49/0xbe
    
    This is BUG_ON(!virt_addr_valid(buf)) triggered by using a stack
    allocated buffer with a scatterlist. Convert the buffer for
    rc4salt to be dynamically allocated instead.
    
    Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1615258Signed-off-by: default avatarLaura Abbott <labbott@redhat.com>
    Signed-off-by: default avatarJ. Bruce Fields <bfields@redhat.com>
    44090cc8
gss_krb5_crypto.c 26.9 KB