[Lucid, Maverick, Natty] SRU: Fix panic after nfs_umount

Stefan Bader stefan.bader at canonical.com
Thu Dec 9 15:58:41 UTC 2010


SRU justification:

Impact: When trying to mount an export where server and client have no common
authentication method, the client will abort the mount by sending an advisory
unmount message to the server. A bug in the RPC client setup causes the sunrpc
code to access memory outside an allocated array, which will sooner or later
cause the kernel to crash.

Fix: Patch from upstream (about to be submitted and targeted for stable too)
changes the setup to use the actual array size instead of a manually entered number.

Testcase:

Server exports a mount with an authentication method the client does not
support, e.g.:
[/etc/exports] /srv/foo *(rw,sec=krb5)

Client tries to mount this directory with no special authentication method:
while true; do mount <server>:/srv/foo /mnt; sync; sleep 1; done

*Note*: This fix is not upstream yet, but is likely to go upstream in that form.
I just wanted to start the SRU process early due to the fact that it triggers
quite easily and ends in an odd and fatal mess. It is obvious enough to me and
has been tested locally.

The change causing the regression was added in the 2.6.32 timeframe, so all
kernels between that and now are affected.

-Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-NFS-Fix-panic-after-nfs_umount.patch
Type: text/x-diff
Size: 1825 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20101209/cbb23bd5/attachment.patch>
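
The class of bug described under Impact and Fix above, as an added C example that is not part of the original message or the attached patch: a table indexed by procedure number whose size is recorded by hand instead of with ARRAY_SIZE. All names, the sparse table layout and the per-procedure counter array are assumptions made for illustration, not kernel code.

```c
#include <stdio.h>
#include <stdlib.h>

#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))

/* Hypothetical table indexed by procedure number; slots 0 and 2 are unused. */
struct proc_info { const char *name; };
static const struct proc_info procs[] = {
    [1] = { "mount" },
    [3] = { "unmount" },
};
#define NPROCS_BY_HAND 2    /* counts the defined entries, not the slots */

struct client {
    unsigned int nrprocs;   /* number of counter slots allocated */
    unsigned long *counts;  /* one call counter per procedure number */
};

static int client_init(struct client *c, unsigned int nrprocs)
{
    c->nrprocs = nrprocs;
    c->counts = calloc(nrprocs, sizeof(*c->counts));
    return c->counts ? 0 : -1;
}

/* Count one call; refuse a procedure number that has no counter slot. */
static int client_count_call(struct client *c, unsigned int proc)
{
    if (proc >= c->nrprocs)
        return -1;          /* without this check the write lands past counts[] */
    c->counts[proc]++;
    return 0;
}

/* 0 if procedure `proc` fits a client set up with `nrprocs` slots, -1 if not. */
static int try_call(unsigned int nrprocs, unsigned int proc)
{
    struct client c;
    int rc = -2;            /* -2: allocation failed */

    if (client_init(&c, nrprocs) == 0)
        rc = client_count_call(&c, proc);
    free(c.counts);
    return rc;
}

int main(void)
{
    printf("%s: by hand %d, ARRAY_SIZE %d\n", procs[3].name,
           try_call(NPROCS_BY_HAND, 3), try_call(ARRAY_SIZE(procs), 3));
    return 0;
}
```

With the hand-entered count the highest procedure number has no slot, so only the bounds check stands between the call and an out-of-bounds write; sizing from the array itself removes the mismatch.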

