linux-stable/net/sunrpc
Anna Schumaker 26e8bfa30d SUNRPC/TLS: Lock the lower_xprt during the tls handshake
Otherwise we run the risk of having the lower_xprt freed from underneath
us, causing an oops that looks like this:

[  224.150698] BUG: kernel NULL pointer dereference, address: 0000000000000018
[  224.150951] #PF: supervisor read access in kernel mode
[  224.151117] #PF: error_code(0x0000) - not-present page
[  224.151278] PGD 0 P4D 0
[  224.151361] Oops: 0000 [#1] PREEMPT SMP NOPTI
[  224.151499] CPU: 2 PID: 99 Comm: kworker/u10:6 Not tainted 6.6.0-rc3-g6465e260f487 #41264 a00b0960990fb7bc6d6a330ee03588b67f08a47b
[  224.151977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 2/2/2022
[  224.152216] Workqueue: xprtiod xs_tcp_tls_setup_socket [sunrpc]
[  224.152434] RIP: 0010:xs_tcp_tls_setup_socket+0x3cc/0x7e0 [sunrpc]
[  224.152643] Code: 00 00 48 8b 7c 24 08 e9 f3 01 00 00 48 83 7b c0 00 0f 85 d2 01 00 00 49 8d 84 24 f8 05 00 00 48 89 44 24 10 48 8b 00 48 89 c5 <4c> 8b 68 18 66 41 83 3f 0a 75 71 45 31 ff 4c 89 ef 31 f6 e8 5c 76
[  224.153246] RSP: 0018:ffffb00ec060fd18 EFLAGS: 00010246
[  224.153427] RAX: 0000000000000000 RBX: ffff8c06c2e53e40 RCX: 0000000000000001
[  224.153652] RDX: ffff8c073bca2408 RSI: 0000000000000282 RDI: ffff8c06c259ee00
[  224.153868] RBP: 0000000000000000 R08: ffffffff9da55aa0 R09: 0000000000000001
[  224.154084] R10: 00000034306c30f1 R11: 0000000000000002 R12: ffff8c06c2e51800
[  224.154300] R13: ffff8c06c355d400 R14: 0000000004208160 R15: ffff8c06c2e53820
[  224.154521] FS:  0000000000000000(0000) GS:ffff8c073bd00000(0000) knlGS:0000000000000000
[  224.154763] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  224.154940] CR2: 0000000000000018 CR3: 0000000062c1e000 CR4: 0000000000750ee0
[  224.155157] PKRU: 55555554
[  224.155244] Call Trace:
[  224.155325]  <TASK>
[  224.155395]  ? __die_body+0x68/0xb0
[  224.155507]  ? page_fault_oops+0x34c/0x3a0
[  224.155635]  ? _raw_spin_unlock_irqrestore+0xe/0x40
[  224.155793]  ? exc_page_fault+0x7a/0x1b0
[  224.155916]  ? asm_exc_page_fault+0x26/0x30
[  224.156047]  ? xs_tcp_tls_setup_socket+0x3cc/0x7e0 [sunrpc ae3a15912ae37fd51dafbdbc2dbd069117f8f5c8]
[  224.156367]  ? xs_tcp_tls_setup_socket+0x2fe/0x7e0 [sunrpc ae3a15912ae37fd51dafbdbc2dbd069117f8f5c8]
[  224.156697]  ? __pfx_xs_tls_handshake_done+0x10/0x10 [sunrpc ae3a15912ae37fd51dafbdbc2dbd069117f8f5c8]
[  224.157013]  process_scheduled_works+0x24e/0x450
[  224.157158]  worker_thread+0x21c/0x2d0
[  224.157275]  ? __pfx_worker_thread+0x10/0x10
[  224.157409]  kthread+0xe8/0x110
[  224.157510]  ? __pfx_kthread+0x10/0x10
[  224.157628]  ret_from_fork+0x37/0x50
[  224.157741]  ? __pfx_kthread+0x10/0x10
[  224.157859]  ret_from_fork_asm+0x1b/0x30
[  224.157983]  </TASK>

Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
2023-09-27 15:16:40 -04:00
..
auth_gss SUNRPC: Add enum svc_auth_status 2023-08-29 17:45:22 -04:00
xprtrdma xprtrdma: Remove unused function declaration rpcrdma_bc_post_recv() 2023-08-23 15:58:47 -04:00
.kunitconfig SUNRPC: Remove RPCSEC_GSS_KRB5_ENCTYPES_DES 2023-08-29 17:45:22 -04:00
addr.c nfsd: don't alloc under spinlock in rpc_parse_scope_id 2021-09-21 17:51:47 -04:00
auth_null.c SUNRPC: Add rpc_auth::au_ralign field 2019-02-14 11:48:36 -05:00
auth_tls.c SUNRPC: Fail quickly when server does not recognize TLS 2023-09-27 15:16:40 -04:00
auth_unix.c SUNRPC: Fix unx_lookup_cred() allocation 2022-03-22 15:52:55 -04:00
auth.c SUNRPC: Fail quickly when server does not recognize TLS 2023-09-27 15:16:40 -04:00
backchannel_rqst.c NFS client updates for Linux 5.20 2022-08-10 14:04:32 -07:00
cache.c treewide: use get_random_u32_below() instead of deprecated function 2022-11-18 02:15:15 +01:00
clnt.c Revert "SUNRPC dont update timeout value on connection reset" 2023-09-27 15:16:40 -04:00
debugfs.c SUNRPC: Cache deferral injection 2022-05-19 12:25:38 -04:00
fail.h SUNRPC: Cache deferral injection 2022-05-19 12:25:38 -04:00
Kconfig SUNRPC: Remove CONFIG_RPCSEC_GSS_KRB5_CRYPTOSYSTEM 2023-08-29 17:45:22 -04:00
Makefile SUNRPC: Add RPC client support for the RPC_AUTH_TLS auth flavor 2023-06-19 12:18:36 -04:00
netns.h SUNRPC: Fix occasional warning when destroying gss_krb5_enctypes 2023-02-20 09:20:57 -05:00
rpc_pipe.c sunrpc: convert to ctime accessor functions 2023-07-24 10:30:07 +02:00
rpcb_clnt.c SUNRPC: attempt to reach rpcbind with an abstract socket name 2023-06-19 12:12:22 -04:00
sched.c SUNRPC: Don't change task->tk_status after the call to rpc_exit_task 2023-05-19 16:50:05 -04:00
socklib.c use less confusing names for iov_iter direction initializers 2022-11-25 13:01:55 -05:00
socklib.h SUNRPC: Refactor xs_sendpages() 2020-03-16 12:04:33 -04:00
stats.c SUNRPC: Use per-CPU counters to tally server RPC counts 2023-02-20 09:20:32 -05:00
sunrpc_syms.c sunrpc: add IDs to multipath 2021-07-08 14:03:23 -04:00
sunrpc.h treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_149.RULE 2022-06-10 14:51:35 +02:00
svc_xprt.c SUNRPC: make rqst_should_sleep() idempotent() 2023-08-29 17:45:22 -04:00
svc.c NFS CLient Updates for Linux 6.6 2023-08-31 15:36:41 -07:00
svcauth_unix.c SUNRPC: Add enum svc_auth_status 2023-08-29 17:45:22 -04:00
svcauth.c SUNRPC: Add enum svc_auth_status 2023-08-29 17:45:22 -04:00
svcsock.c NFSD 6.6 Release Notes 2023-08-31 15:32:18 -07:00
sysctl.c sunrpc: simplify one-level sysctl registration for debug_table 2023-04-11 12:45:19 -04:00
sysfs.c SUNRPC: Add a TCP-with-TLS RPC transport class 2023-06-19 12:28:10 -04:00
sysfs.h NFS: Add sysfs links to sunrpc clients for nfs_clients 2023-06-19 15:04:13 -04:00
timer.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
xdr.c NFS CLient Updates for Linux 6.6 2023-08-31 15:36:41 -07:00
xprt.c timers: Get rid of del_singleshot_timer_sync() 2022-11-24 15:09:10 +01:00
xprtmultipath.c SUNRPC: Directly use ida_alloc()/free() 2022-10-03 11:26:36 -04:00
xprtsock.c SUNRPC/TLS: Lock the lower_xprt during the tls handshake 2023-09-27 15:16:40 -04:00