• Bruce Allan's avatar
    [PATCH] sunrpc: cache_register can use wrong module reference · f35279d3
    Bruce Allan authored
    When registering an RPC cache, cache_register() always sets the owner as the
    sunrpc module.  However, there are RPC caches owned by other modules.  With
    the incorrect owner setting, the real owning module can be removed potentially
    with an open reference to the cache from userspace.
    
    For example, if one were to stop the nfs server and unmount the nfsd
    filesystem, the nfsd module could be removed eventhough rpc.idmapd had
    references to the idtoname and nametoid caches (i.e.
    /proc/net/rpc/nfs4.<cachename>/channel is still open).  This resulted in a
    system panic on one of our machines when attempting to restart the nfs
    services after reloading the nfsd module.
    
    The following patch adds a 'struct module *owner' field in struct
    cache_detail.  The owner is further assigned to the struct proc_dir_entry
    in cache_register() so that the module cannot be unloaded while user-space
    daemons have an open reference on the associated file under /proc.
    Signed-off-by: default avatarBruce Allan <bwa@us.ibm.com>
    Cc: Trond Myklebust <trond.myklebust@fys.uio.no>
    Cc: Neil Brown <neilb@cse.unsw.edu.au>
    Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
    f35279d3
svcauth.c 5.2 KB