• Andrey Ryabinin's avatar
    lockd: create NSM handles per net namespace · 3ffa092f
    Andrey Ryabinin authored
    commit 0ad95472 upstream.
    
    Commit cb7323ff ("lockd: create and use per-net NSM
     RPC clients on MON/UNMON requests") introduced per-net
    NSM RPC clients. Unfortunately this doesn't make any sense
    without per-net nsm_handle.
    
    E.g. the following scenario could happen
    Two hosts (X and Y) in different namespaces (A and B) share
    the same nsm struct.
    
    1. nsm_monitor(host_X) called => NSM rpc client created,
    	nsm->sm_monitored bit set.
    2. nsm_mointor(host-Y) called => nsm->sm_monitored already set,
    	we just exit. Thus in namespace B ln->nsm_clnt == NULL.
    3. host X destroyed => nsm->sm_count decremented to 1
    4. host Y destroyed => nsm_unmonitor() => nsm_mon_unmon() => NULL-ptr
    	dereference of *ln->nsm_clnt
    
    So this could be fixed by making per-net nsm_handles list,
    instead of global. Thus different net namespaces will not be able
    share the same nsm_handle.
    Signed-off-by: default avatarAndrey Ryabinin <aryabinin@virtuozzo.com>
    Signed-off-by: default avatarJ. Bruce Fields <bfields@redhat.com>
    Signed-off-by: default avatarKamal Mostafa <kamal@canonical.com>
    3ffa092f
svcproc.c 14.8 KB