I tested my original patch(which was corrupted by email client). When the patch is manually backported to fix white space, the patch was fixed wrongly :( I sent my original patch again for 5.10.y without any corruption. Sorry for the inconvenience caused.
For 5.15.y, this is the cherry-pick order:
3be232f11a3cc9b0ef0795e39fa11bdb8e422a06(SUNRPC: Prevent immediate close+reconnect) f00432063db1a0db484e85193eccc6845435b80e(SUNRPC: Ensure we flush any closed sockets before xs_xprt_free())
Thanks, Meena
On Fri, May 13, 2022 at 1:25 AM Greg KH gregkh@linuxfoundation.org wrote:
On Thu, May 12, 2022 at 10:38:04AM -0700, Meena Shanmugam wrote:
On Thu, May 12, 2022 at 9:23 AM Greg KH gregkh@linuxfoundation.org wrote:
On Tue, May 10, 2022 at 07:33:23PM -0700, Meena Shanmugam wrote:
Hi all,
The commit f00432063db1a0db484e85193eccc6845435b80e upstream (SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()) fixes CVE-2022-28893, hence good candidate for stable trees. The above commit depends on 3be232f(SUNRPC: Prevent immediate close+reconnect) and 89f4249(SUNRPC: Don't call connect() more than once on a TCP socket). Commit 3be232f depends on commit e26d9972720e(SUNRPC: Clean up scheduling of autoclose).
Commits e26d9972720e, 3be232f, f00432063db1 apply cleanly on 5.10 kernel. commit 89f4249 didn't apply cleanly. I have patch for 89f4249 below.
We also need this for 5.15.y first, before we can apply it to 5.10.y. Can you provide a working backport for that tree as well?
And as others pointed out, your patch is totally corrupted and can not be used, please fix your email client.
thanks,
greg k-h
For 5.15.y commit f00432063db1a0db484e85193eccc6845435b80e((SUNRPC: Ensure we flush any closed sockets before xs_xprt_free())) applies cleanly. The depend patch 3be232f(SUNRPC: Prevent immediate close+reconnect) also applies cleanly. Patch 89f4249 (SUNRPC: Don't call connect() more than once on a TCP socket) is already present in 5.15.34 onwards.
Sorry about the patch corruption, I will fix it.
Sorry, but this did not work out at all, I get build errors when attempting it for 5.10.y:
CC [M] net/sunrpc/xprtsock.o net/sunrpc/xprtsock.c: In function ‘xs_tcp_setup_socket’: net/sunrpc/xprtsock.c:2276:13: error: too few arguments to function ‘test_and_clear_bit’ 2276 | if (test_and_clear_bit(XPRT_SOCK_CONNECT_SENT), | ^~~~~~~~~~~~~~~~~~ In file included from ./arch/x86/include/asm/bitops.h:391, from ./include/linux/bitops.h:29, from ./include/linux/kernel.h:12, from ./include/asm-generic/bug.h:20, from ./arch/x86/include/asm/bug.h:93, from ./include/linux/bug.h:5, from ./include/linux/mmdebug.h:5, from ./include/linux/gfp.h:5, from ./include/linux/slab.h:15, from net/sunrpc/xprtsock.c:24: ./include/asm-generic/bitops/instrumented-atomic.h:81:20: note: declared here 81 | static inline bool test_and_clear_bit(long nr, volatile unsigned long *addr) | ^~~~~~~~~~~~~~~~~~ net/sunrpc/xprtsock.c:2276:55: warning: left-hand operand of comma expression has no effect [-Wunused-value] 2276 | if (test_and_clear_bit(XPRT_SOCK_CONNECT_SENT), | ^ net/sunrpc/xprtsock.c:2312:17: warning: this statement may fall through [-Wimplicit-fallthrough=] 2312 | set_bit(XPRT_SOCK_CONNECT_SENT, &transport->sock_state); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ net/sunrpc/xprtsock.c:2313:9: note: here 2313 | case -EALREADY: | ^~~~ make[2]: *** [scripts/Makefile.build:280: net/sunrpc/xprtsock.o] Error 1 make[1]: *** [scripts/Makefile.build:497: net/sunrpc] Error 2
And I am not quite sure what order you want me to apply things for 5.15.y.
So please, send me a properly backported series of patches for this for 5.15.y and 5.10.y and I will be glad to pick them up. Right now I'm just confused as this was obviously not tested at all :(
thanks,
greg k-h