redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/fs/cifs
History
Paulo Alcantara 73948ab9f2 cifs: fix potential use-after-free in cifs_echo_request() 
commit 212253367d upstream.

This patch fixes a potential use-after-free bug in
cifs_echo_request().

For instance,

  thread 1
  --------
  cifs_demultiplex_thread()
    clean_demultiplex_info()
      kfree(server)

  thread 2 (workqueue)
  --------
  apic_timer_interrupt()
    smp_apic_timer_interrupt()
      irq_exit()
        __do_softirq()
          run_timer_softirq()
            call_timer_fn()
	      cifs_echo_request() <- use-after-free in server ptr

Signed-off-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
CC: Stable <stable@vger.kernel.org>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2020-12-11 13:23:29 +01:00
..
Kconfig various cifs/smb3 fixes (including for share deleted cases) and features including improved encrypted read performance, and various debugging improvements 2019-09-19 10:32:16 -07:00
Makefile cifs: Add support for root file systems 2019-09-16 11:43:38 -05:00
asn1.c cifs: remove bogus debug code 2020-10-29 09:57:28 +01:00
cache.c cifs: use 64-bit timestamps for fscache 2018-08-07 14:15:41 -05:00
cifs_debug.c cifs: Don't display RDMA transport on reconnect 2019-12-21 11:04:43 +01:00
cifs_debug.h cifs: add a debug macro that prints \\server\share for errors 2019-09-16 11:43:38 -05:00
cifs_dfs_ref.c cifs: fix potential mismatch of UNC paths 2020-03-25 08:25:43 +01:00
cifs_fs_sb.h smb3: add mount option to allow RW caching of share accessed by only 1 client 2019-09-16 11:43:38 -05:00
cifs_ioctl.h smb3: allow decryption keys to be dumped by admin for debugging 2019-09-21 06:02:26 -05:00
cifs_spnego.c Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" 2019-07-10 18:43:43 -07:00
cifs_spnego.h
cifs_unicode.c Convert trailing spaces and periods in path components 2020-11-18 19:20:34 +01:00
cifs_unicode.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
cifs_uniupr.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
cifsacl.c cifs: fix a memleak with modefromsid 2020-12-02 08:49:45 +01:00
cifsacl.h smb3: missing ACL related flags 2019-09-26 16:37:43 -05:00
cifsencrypt.c fs: cifs: switch to RC4 library interface 2019-06-20 14:19:55 +08:00
cifsfs.c cifs: add missing mount option to /proc/mounts 2020-03-25 08:25:43 +01:00
cifsfs.h cifs: update internal module version number 2019-09-16 19:18:39 -05:00
cifsglob.h CIFS: Properly process SMB3 lease breaks 2020-10-01 13:17:21 +02:00
cifspdu.h smb3: missing defines and structs for reparse point handling 2018-11-02 14:09:41 -05:00
cifsproto.h cifs: fix rename() by ensuring source handle opened with DELETE bit 2020-03-12 13:00:18 +01:00
cifsroot.c cifs: cifsroot: add more err checking 2019-09-16 11:43:39 -05:00
cifssmb.c cifs: fix leaked reference on requeued write 2020-05-20 08:20:34 +02:00
connect.c cifs: fix potential use-after-free in cifs_echo_request() 2020-12-11 13:23:29 +01:00
dfs_cache.c cifs: fix unitialized variable poential problem with network I/O cache lock patch 2020-02-24 08:36:58 +01:00
dfs_cache.h cifs: Fix DFS cache refresher for DFS links 2019-05-07 23:24:54 -05:00
dir.c cifs_atomic_open(): fix double-put on late allocation failure 2020-03-18 07:17:51 +01:00
dns_resolve.c keys: Pass the network namespace into request_key mechanism 2019-06-27 23:02:12 +01:00
dns_resolve.h
export.c docs: fs: convert docs without extension to ReST 2019-07-31 13:31:05 -06:00
file.c cifs: Fix double add page to memcg when cifs_readpages 2020-10-01 13:18:09 +02:00
fscache.c cifs: use 64-bit timestamps for fscache 2018-08-07 14:15:41 -05:00
fscache.h cifs: use 64-bit timestamps for fscache 2018-08-07 14:15:41 -05:00
inode.c cifs: handle -EINTR in cifs_setattr 2020-11-05 11:43:21 +01:00
ioctl.c smb3: allow decryption keys to be dumped by admin for debugging 2019-09-21 06:02:26 -05:00
link.c SMB3: Clean up query symlink when reparse point 2019-05-07 23:24:55 -05:00
misc.c CIFS: Properly process SMB3 lease breaks 2020-10-01 13:17:21 +02:00
netmisc.c fs: cifs: mute -Wunused-const-variable message 2019-10-06 22:04:35 -05:00
nterr.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 61 2019-05-24 17:36:45 +02:00
nterr.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 61 2019-05-24 17:36:45 +02:00
ntlmssp.h cifs: dynamic allocation of ntlmssp blob 2016-06-23 23:45:07 -05:00
readdir.c cifs: check ntwrk_buf_start for NULL before dereferencing it 2018-12-23 22:41:31 -06:00
rfc1002pdu.h
sess.c fs/cifs/sess.c: Remove set but not used variable 'capabilities' 2019-09-23 22:51:57 -05:00
smb1ops.c CIFS: Properly process SMB3 lease breaks 2020-10-01 13:17:21 +02:00
smb2file.c cifs: Adjust indentation in smb2_open_file 2020-01-17 19:48:27 +01:00
smb2glob.h cifs: change SMB2_OP_RENAME and SMB2_OP_HARDLINK to use compounding 2018-10-23 21:16:04 -05:00
smb2inode.c cifs: fix rename() by ensuring source handle opened with DELETE bit 2020-03-12 13:00:18 +01:00
smb2maperror.c smb3: improve handling of share deleted (and share recreated) 2019-09-16 11:43:38 -05:00
smb2misc.c CIFS: Properly process SMB3 lease breaks 2020-10-01 13:17:21 +02:00
smb2ops.c smb3: Handle error case during offload read path 2020-12-02 08:49:45 +01:00
smb2pdu.c smb3: warn on confusing error scenario with sec=krb5 2020-08-21 13:05:19 +02:00
smb2pdu.h CIFS: Properly process SMB3 lease breaks 2020-10-01 13:17:21 +02:00
smb2proto.h CIFS: Close open handle after interrupted close 2019-12-21 11:04:45 +01:00
smb2status.h cifs: don't use __constant_cpu_to_le32() 2019-05-07 23:24:54 -05:00
smb2transport.c CIFS: Fix task struct use-after-free on reconnect 2020-02-01 09:34:37 +00:00
smbdirect.c cifs: smbd: Return -ECONNABORTED when trasnport is not in connected state 2019-12-21 11:04:43 +01:00
smbdirect.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 157 2019-05-30 11:26:37 -07:00
smbencrypt.c fs: cifs: move from the crypto cipher API to the new DES library interface 2019-08-22 14:57:34 +10:00
smberr.h
smbfsctl.h smb3: Add missing reparse tags 2019-09-24 23:31:32 -05:00
trace.c smb3: Cleanup license mess 2019-01-24 09:37:33 -06:00
trace.h smb3: add missing worker function for SMB3 change notify 2019-09-16 11:43:39 -05:00
transport.c cifs: allow syscalls to be restarted in __smb_send_rqst() 2020-12-11 13:23:29 +01:00
winucase.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
xattr.c CIFS: fix max ea value size 2019-09-23 23:28:59 -05:00