From 695e0701a0b0b901f134cf6948b63988ec702f85 Mon Sep 17 00:00:00 2001
From: Konstantin Belousov <kib@FreeBSD.org>
Date: Thu, 5 Mar 2020 15:52:34 +0000
Subject: [PATCH] buffer pager: deref ucred immediately after read.

Ucred is passed to bread(9) so that non-local filesystems use proper
credentials.  But, since clean buffer might be cached unless
buf_pager_relbuf is not enabled, it makes credentials to have extra
reference until buffer is reclaimed.  Ucred reference would prevent
jail from destroying if creds are jailed.

Dereferencing the read credentials on the valid buffer avoid that, and
should be fine because the buffer is valid and does not need re-read.

PR:	238032
Reported by:	bz
Reproduced and tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D23775
---
 sys/kern/vfs_bio.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/sys/kern/vfs_bio.c b/sys/kern/vfs_bio.c
index aada2b8c3900..76ada0709bc9 100644
--- a/sys/kern/vfs_bio.c
+++ b/sys/kern/vfs_bio.c
@@ -5187,6 +5187,10 @@ vfs_bio_getpages(struct vnode *vp, vm_page_t *ma, int count,
 			    br_flags, &bp);
 			if (error != 0)
 				goto end_pages;
+			if (bp->b_rcred == curthread->td_ucred) {
+				crfree(bp->b_rcred);
+				bp->b_rcred = NOCRED;
+			}
 			if (LIST_EMPTY(&bp->b_dep)) {
 				/*
 				 * Invalidation clears m->valid, but