On Thu, May 12, 2022 at 10:38:04AM -0700, Meena Shanmugam wrote:
> On Thu, May 12, 2022 at 9:23 AM Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
> >
> > On Tue, May 10, 2022 at 07:33:23PM -0700, Meena Shanmugam wrote:
> > > Hi all,
> > >
> > > The commit f00432063db1a0db484e85193eccc6845435b80e upstream (SUNRPC:
> > > Ensure we flush any closed sockets before xs_xprt_free()) fixes
> > > CVE-2022-28893, hence good candidate for stable trees.
> > > The above commit depends on 3be232f(SUNRPC: Prevent immediate
> > > close+reconnect) and 89f4249(SUNRPC: Don't call connect() more than
> > > once on a TCP socket). Commit 3be232f depends on commit
> > > e26d9972720e(SUNRPC: Clean up scheduling of autoclose).
> > >
> > > Commits e26d9972720e, 3be232f, f00432063db1 apply cleanly on 5.10
> > > kernel. commit 89f4249 didn't apply cleanly. I have patch for 89f4249
> > > below.
> >
> > We also need this for 5.15.y first, before we can apply it to 5.10.y.
> > Can you provide a working backport for that tree as well?
> >
> > And as others pointed out, your patch is totally corrupted and can not
> > be used, please fix your email client.
> >
> > thanks,
> >
> > greg k-h
>
> For 5.15.y commit f00432063db1a0db484e85193eccc6845435b80e((SUNRPC:
> Ensure we flush any closed sockets before xs_xprt_free())) applies
> cleanly. The depend patch
> 3be232f(SUNRPC: Prevent immediate close+reconnect) also applies
> cleanly. Patch 89f4249
> (SUNRPC: Don't call connect() more than once on a TCP socket) is
> already present in 5.15.34 onwards.
>
> Sorry about the patch corruption, I will fix it.
Sorry, but this did not work out at all, I get build errors when
attempting it for 5.10.y:
CC [M] net/sunrpc/xprtsock.o
net/sunrpc/xprtsock.c: In function ‘xs_tcp_setup_socket’:
net/sunrpc/xprtsock.c:2276:13: error: too few arguments to function ‘test_and_clear_bit’
2276 | if (test_and_clear_bit(XPRT_SOCK_CONNECT_SENT),
| ^~~~~~~~~~~~~~~~~~
In file included from ./arch/x86/include/asm/bitops.h:391,
from ./include/linux/bitops.h:29,
from ./include/linux/kernel.h:12,
from ./include/asm-generic/bug.h:20,
from ./arch/x86/include/asm/bug.h:93,
from ./include/linux/bug.h:5,
from ./include/linux/mmdebug.h:5,
from ./include/linux/gfp.h:5,
from ./include/linux/slab.h:15,
from net/sunrpc/xprtsock.c:24:
./include/asm-generic/bitops/instrumented-atomic.h:81:20: note: declared here
81 | static inline bool test_and_clear_bit(long nr, volatile unsigned long *addr)
| ^~~~~~~~~~~~~~~~~~
net/sunrpc/xprtsock.c:2276:55: warning: left-hand operand of comma expression has no effect [-Wunused-value]
2276 | if (test_and_clear_bit(XPRT_SOCK_CONNECT_SENT),
| ^
net/sunrpc/xprtsock.c:2312:17: warning: this statement may fall through [-Wimplicit-fallthrough=]
2312 | set_bit(XPRT_SOCK_CONNECT_SENT, &transport->sock_state);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/sunrpc/xprtsock.c:2313:9: note: here
2313 | case -EALREADY:
| ^~~~
make[2]: *** [scripts/Makefile.build:280: net/sunrpc/xprtsock.o] Error 1
make[1]: *** [scripts/Makefile.build:497: net/sunrpc] Error 2
And I am not quite sure what order you want me to apply things for 5.15.y.
So please, send me a properly backported series of patches for this for 5.15.y
and 5.10.y and I will be glad to pick them up. Right now I'm just confused as
this was obviously not tested at all :(
thanks,
greg k-h
