sunrpc: fix refcount leak for rpc auth modules

If an auth module's accept op returns SVC_CLOSE, svc_process_common()
enters a call path that does not call svc_authorise() before leaving the
function, and thus leaks a reference on the auth module's refcount. Hence,
make sure calls to svc_authenticate() and svc_authorise() are paired for
all call paths, to make sure rpc auth modules can be unloaded.

Signed-off-by: Daniel Kobras <kobras@puzzle-itc.de>
Fixes: 4d712ef1db ("svcauth_gss: Close connection when dropping an incoming message")
Link: https://lore.kernel.org/linux-nfs/3F1B347F-B809-478F-A1E9-0BE98E22B0F0@oracle.com/T/#t
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
This commit is contained in:
Daniel Kobras 2021-02-27 00:04:37 +01:00 committed by Chuck Lever
parent c7de87ff9d
commit f1442d6349
1 changed files with 4 additions and 2 deletions

View File

@ -1413,7 +1413,7 @@ svc_process_common(struct svc_rqst *rqstp, struct kvec *argv, struct kvec *resv)
sendit:
if (svc_authorise(rqstp))
goto close;
goto close_xprt;
return 1; /* Caller can now send it */
release_dropit:
@ -1425,6 +1425,8 @@ release_dropit:
return 0;
close:
svc_authorise(rqstp);
close_xprt:
if (rqstp->rq_xprt && test_bit(XPT_TEMP, &rqstp->rq_xprt->xpt_flags))
svc_close_xprt(rqstp->rq_xprt);
dprintk("svc: svc_process close\n");
@ -1433,7 +1435,7 @@ release_dropit:
err_short_len:
svc_printk(rqstp, "short len %zd, dropping request\n",
argv->iov_len);
goto close;
goto close_xprt;
err_bad_rpc:
serv->sv_stats->rpcbadfmt++;