d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4036fcb805
freebsd-dev/sys/fs/nfs
History
Rick Macklem 4036fcb805 nfsd: Fix a use after free when vnet prisons are deleted 
The Kasan tests show the nfsrvd_cleancache() results
in a modify after free. I think this occurs because the
nfsrv_cleanup() function gets executed after nfs_cleanup()
which free's the nfsstatsv1_p.

This patch makes them use the same subsystem and sets
SI_ORDER_FIRST for nfs_cleanup(), so that it will be called
after nfsrv_cleanup() via VNET_SYSUNINIT().

The patch also sets nfsstatsv1_p NULL after free'ng it,
so that a crash will result if it is used after free'ng.

Tested by:	markj
Reviewed by:	markj
MFC after:	3 months
Differential Revision:	https://reviews.freebsd.org/D38750
2023-02-24 07:36:28 -08:00
..
nfs_commonacl.c nfsd: Do not accept audit/alarm ACEs for the NFSv4 server 2022-01-11 09:40:07 -08:00
nfs_commonkrpc.c nfscommon: Revert use of nfsstatsv1_p in nfs_commonkrpc.c 2023-02-16 17:44:19 -08:00
nfs_commonport.c nfsd: Fix a use after free when vnet prisons are deleted 2023-02-24 07:36:28 -08:00
nfs_commonsubs.c nfsd: Continue adding macros so nfsd can run in a vnet prison 2023-02-14 13:33:35 -08:00
nfs_var.h nfsd: Prepare the NFS server code to run in a vnet prison 2023-02-11 15:51:19 -08:00
nfs.h nfsd: Add a sanity check for Owner/OwnerGroup string length 2022-05-04 13:58:22 -07:00
nfscl.h nfscl: Add a cred argument to nfscl_reqstart() 2022-07-08 16:58:06 -07:00
nfsclstate.h nfscl: Add optional support for slots marked bad 2022-07-09 14:43:16 -07:00
nfsdport.h nfsd: Continue adding macros so nfsd can run in a vnet prison 2023-02-12 13:52:13 -08:00
nfskpiport.h nfscommon: Clean up the code by removing the vnode_vtype() macro 2022-06-24 13:56:35 -07:00
nfsm_subs.h nfscl: Clean up the code by removing #if(n)def APPLE 2022-06-18 13:43:02 -07:00
nfsport.h nfsd: Enable the NFSD_VNET vnet front end macros 2023-02-18 14:59:36 -08:00
nfsproto.h Unbreak the build: Also define NFSV42_OLDNPROCS here. 2022-04-05 11:54:20 -06:00
nfsrvcache.h Replace all instances of the typedef mbuf_t with "struct mbuf *". 2020-04-17 21:17:51 +00:00
nfsrvstate.h nfsd: Continue adding macros so nfsd can run in a vnet prison 2023-02-12 13:52:13 -08:00
nfsv4_errstr.h Add missing comma in nfsv4_errstr 2020-01-13 21:49:27 +00:00
rpcv2.h fs: clean up empty lines in .c and .h files 2020-09-01 21:18:40 +00:00
xdr_subs.h nfs: don't truncate directory cookies to 32-bits in the NFS server 2021-12-15 20:54:57 -07:00