iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/fs
History
J. Bruce Fields ff371bc83b nfsd4: catch some false session retries 
commit 53da6a53e1d414e05759fa59b7032ee08f4e22d7 upstream.

The spec allows us to return NFS4ERR_SEQ_FALSE_RETRY if we notice that
the client is making a call that matches a previous (slot, seqid) pair
but that *isn't* actually a replay, because some detail of the call
doesn't actually match the previous one.

Catching every such case is difficult, but we may as well catch a few
easy ones.  This also handles the case described in the previous patch,
in a different way.

The spec does however require us to catch the case where the difference
is in the rpc credentials.  This prevents somebody from snooping another
user's replies by fabricating retries.

(But the practical value of the attack is limited by the fact that the
replies with the most sensitive data are READ replies, which are not
normally cached.)

Tested-by: Olga Kornievskaia <aglo@umich.edu>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Donald Buczek <buczek@molgen.mpg.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-02-12 19:46:14 +01:00
..
9p
v9fs_dir_readdir: fix double-free on p9stat_read error
2018-12-01 09:42:50 +01:00
adfs
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
affs
affs_lookup(): close a race with affs_remove_link()
2018-05-30 07:51:47 +02:00
afs
afs: Fix directory permissions check
2018-07-08 15:30:51 +02:00
autofs4
autofs: fix autofs_sbi() does not check super block type
2018-09-19 22:43:48 +02:00
befs
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
bfs
bfs: add sanity check at bfs_fill_super()
2018-12-01 09:42:51 +01:00
btrfs
btrfs: dev-replace: go back to suspended state if target device is missing
2019-01-31 08:13:48 +01:00
cachefiles
fscache, cachefiles: remove redundant variable 'cache'
2018-12-17 09:28:53 +01:00
ceph
ceph: don't update importing cap's mseq when handing cap export
2019-01-13 10:01:06 +01:00
cifs
cifs: check ntwrk_buf_start for NULL before dereferencing it
2019-02-12 19:46:08 +01:00
coda
coda: fix 'kernel memory exposure attempt' in fsync
2017-11-24 08:37:05 +01:00
configfs
configfs: replace strncpy with memcpy
2018-11-21 09:24:15 +01:00
cramfs
Cramfs: fix abad comparison when wrap-arounds occur
2018-11-13 11:15:12 -08:00
crypto
fscrypt: use unbound workqueue for decryption
2018-08-03 07:50:32 +02:00
debugfs
Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2017-07-15 12:00:42 -07:00
devpts
devpts: resolve devpts bind-mounts
2018-07-17 11:39:26 +02:00
dlm
dlm: Don't swamp the CPU with callbacks queued during recovery
2019-02-12 19:45:57 +01:00
ecryptfs
eCryptfs: don't pass up plaintext names when using filename encryption
2018-06-21 04:02:42 +09:00
efivarfs
VFS: Kill off s_options and helpers
2017-07-11 06:09:21 -04:00
efs
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
exofs
fs/exofs: fix potential memory leak in mount option parsing
2018-11-27 16:10:47 +01:00
exportfs
exportfs: do not read dentry after free
2018-12-17 09:28:50 +01:00
ext2
ext2: fix potential use after free
2018-12-05 19:41:25 +01:00
ext4
ext4: track writeback errors using the generic tracking infrastructure
2019-01-16 22:07:13 +01:00
f2fs
f2fs: fix sbi->extent_list corruption issue
2019-02-12 19:46:08 +01:00
fat
fs/fat/fatent.c: add cond_resched() to fat_count_free_clusters()
2018-11-04 14:52:47 +01:00
freevxfs
fscache
fscache: fix race between enablement and dropping of object
2018-12-17 09:28:53 +01:00
fuse
fuse: handle zero sized retrieve correctly
2019-02-12 19:46:11 +01:00
gfs2
gfs2: Revert "Fix loop in gfs2_rbm_find"
2019-02-06 17:31:35 +01:00
hfs
hfs: do not free node before using
2018-12-17 09:28:54 +01:00
hfsplus
hfsplus: do not free node before using
2018-12-17 09:28:54 +01:00
hostfs
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
hpfs
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
hugetlbfs
hugetlbfs: fix bug in pgoff overflow checking
2018-04-19 08:56:21 +02:00
isofs
isofs: reject hardware sector size > 2048 bytes
2018-10-03 17:00:57 -07:00
jbd2
jbd2: fix use after free in jbd2_log_do_checkpoint()
2018-11-13 11:15:05 -08:00
jffs2
jffs2: Fix use of uninitialized delayed_work, lockdep breakage
2019-01-26 09:37:02 +01:00
jfs
jfs: Fix inconsistency between memory allocation and ea_buf->max_size
2018-08-09 12:16:39 +02:00
kernfs
kernfs: Replace strncpy with memcpy
2018-12-08 13:03:35 +01:00
lockd
lockd: Show pid of lockd for remote locks
2019-01-13 10:01:06 +01:00
minix
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
ncpfs
staging: ncpfs: memory corruption in ncp_read_kernel()
2018-03-28 18:24:43 +02:00
nfs
NFS: nfs_compare_mount_options always compare auth flavors.
2019-02-12 19:46:07 +01:00
nfs_common
lockd: fix "list_add double add" caused by legacy signal interface
2018-02-03 17:39:08 +01:00
nfsd
nfsd4: catch some false session retries
2019-02-12 19:46:14 +01:00
nilfs2
do d_instantiate/unlock_new_inode combinations safely
2018-05-30 07:51:47 +02:00
nls
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
notify
fanotify: fix handling of events on child sub-directory
2019-02-06 17:31:37 +01:00
ntfs
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
ocfs2
ocfs2: improve ocfs2 Makefile
2019-02-12 19:46:09 +01:00
omfs
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
openpromfs
orangefs
orangefs: report attributes_mask and attributes for statx
2018-06-26 08:06:33 +08:00
overlayfs
ovl: check whiteout in ovl_create_over_whiteout()
2018-11-21 09:24:17 +01:00
proc
proc/sysctl: don't return ENOMEM on lookup when a table is unregistering
2018-12-29 13:39:11 +01:00
pstore
pstore/ram: Do not treat empty buffers as valid
2019-01-26 09:37:02 +01:00
qnx4
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
qnx6
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
quota
quota: Lock s_umount in exclusive mode for Q_XQUOTA{ON,OFF} quotactls.
2019-01-26 09:37:05 +01:00
ramfs
mm: make pagevec_lookup() update index
2017-09-06 17:27:26 -07:00
reiserfs
reiserfs: propagate errors from fill_with_dentries() properly
2018-11-27 16:10:46 +01:00
romfs
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
squashfs
Squashfs: Compute expected length from inode size rather than block length
2018-09-05 09:26:32 +02:00
sysfs
scsi: sysfs: Introduce sysfs_{un,}break_active_protection()
2018-09-05 09:26:41 +02:00
sysv
sysv: return 'err' instead of 0 in __sysv_write_inode
2018-12-17 09:28:48 +01:00
tracefs
VFS: Don't use save/replace_mount_options if not using generic_show_options
2017-07-06 03:31:46 -04:00
ubifs
ubifs: Handle re-linking of inodes correctly while recovery
2018-12-29 13:39:11 +01:00
udf
udf: Fix BUG on corrupted inode
2019-02-12 19:46:03 +01:00
ufs
do d_instantiate/unlock_new_inode combinations safely
2018-05-30 07:51:47 +02:00
xfs
xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE
2018-12-05 19:41:16 +01:00
aio.c
aio: fix spectre gadget in lookup_ioctx
2018-12-21 14:13:04 +01:00
anon_inodes.c
attr.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
bad_inode.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
binfmt_aout.c
fs: fix kernel_read prototype
2017-09-04 19:05:15 -04:00
binfmt_elf_fdpic.c
Merge branch 'work.set_fs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2017-09-14 18:13:32 -07:00
binfmt_elf.c
binfmt_elf: Respect error return from `regset->active'
2018-09-26 08:38:09 +02:00
binfmt_em86.c
binfmt_flat.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
binfmt_misc.c
fs/binfmt_misc.c: do not allow offset overflow
2018-06-26 08:06:33 +08:00
binfmt_script.c
exec: load_script: don't blindly truncate shebang string
2019-02-12 19:46:10 +01:00
block_dev.c
blockdev: Fix livelocks on loop device
2019-01-23 08:09:50 +01:00
buffer.c
fs: guard_bio_eod() needs to consider partitions
2017-11-30 08:40:45 +00:00
char_dev.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
compat_binfmt_elf.c
compat_ioctl.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
compat.c
coredump.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
dax.c
fs/dax.c: release PMD lock even when there is no PMD support in DAX
2018-04-26 11:02:14 +02:00
dcache.c
fs/dcache: Fix incorrect nr_dentry_unused accounting in shrink_dcache_sb()
2019-02-06 17:31:34 +01:00
dcookies.c
direct-io.c
fs: fix lost error code in dio_complete
2018-12-05 19:41:24 +01:00
drop_caches.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
eventfd.c
There has been a fair amount of activity in the docs tree this time
2017-07-03 21:13:25 -07:00
eventpoll.c
fs/epoll: drop ovflist branch prediction
2019-02-12 19:46:10 +01:00
exec.c
exec: avoid gcc-8 warning for get_task_comm
2018-03-03 10:24:21 +01:00
fcntl.c
fcntl: don't cap l_start and l_end values for F_GETLK64 in compat syscall
2017-12-17 15:07:59 +01:00
fhandle.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
file_table.c
fput: Don't reinvent the wheel but use existing llist API
2017-08-28 00:50:23 -04:00
file.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
filesystems.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
fs_pin.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
fs_struct.c
fs-writeback.c
bdi: Fix oops in wb_workfn()
2018-05-16 10:10:25 +02:00
inode.c
Fix up non-directory creation in SGID directories
2018-07-17 11:39:27 +02:00
internal.h
Merge branch 'overlayfs-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs
2017-09-13 09:11:44 -07:00
ioctl.c
vfs: swap names of {do,vfs}_clone_file_range()
2018-11-10 07:48:33 -08:00
iomap.c
iomap: complete partial direct I/O writes synchronously
2018-10-03 17:00:53 -07:00
Kconfig
fs/Kconfig: kill CONFIG_PERCPU_RWSEM some more
2017-07-12 16:26:00 -07:00
Kconfig.binfmt
libfs.c
fs: convert __generic_file_fsync to use errseq_t based reporting
2017-07-06 07:02:29 -04:00
locks.c
fs/lock: skip lock owner pid translation in case we are in init_pid_ns
2018-10-03 17:00:53 -07:00
Makefile
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
mbcache.c
mbcache: initialize entry->e_referenced in mb_cache_entry_create()
2018-02-22 15:42:25 +01:00
mount.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
mpage.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
namei.c
namei: allow restricted O_CREAT of FIFOs and regular files
2018-12-01 09:42:59 +01:00
namespace.c
mount: Prevent MNT_DETACH from disconnecting locked mounts
2018-11-21 09:24:14 +01:00
no-block.c
nsfs.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
open.c
ovl: don't allow writing ioctl on lower layer
2017-09-05 12:53:12 +02:00
pipe.c
pipe: fix off-by-one error when checking buffer limits
2018-02-16 20:23:05 +01:00
pnode.c
mnt: Make propagate_umount less slow for overlapping mount propagation trees
2017-05-23 08:41:17 -05:00
pnode.h
posix_acl.c
proc_namespace.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
read_write.c
vfs: swap names of {do,vfs}_clone_file_range()
2018-11-10 07:48:33 -08:00
readdir.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
select.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
seq_file.c
seq_file: fix incomplete reset on read from zero offset
2018-02-22 15:42:28 +01:00
signalfd.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
splice.c
fs: move kernel_write to fs/read_write.c
2017-09-04 19:05:15 -04:00
stack.c
stat.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
statfs.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
super.c
fs: don't scan the inode cache before SB_BORN is set
2018-05-30 07:51:47 +02:00
sync.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
timerfd.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
userfaultfd.c
userfaultfd: check VM_MAYWRITE was set after verifying the uffd is registered
2018-12-21 14:13:04 +01:00
utimes.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
xattr.c
sysfs: Do not return POSIX ACL xattrs via listxattr
2018-10-10 08:54:27 +02:00