From 3d24ff29b009931a37f8456933c59a946b4c866c Mon Sep 17 00:00:00 2001 From: ericm Date: Sat, 20 Aug 2005 19:08:25 +0000 Subject: [PATCH] don't let ctx obj share storage with request buffer, which might be released in case of recovery, request be saved and delayed handed. --- lustre/sec/gss/gss_internal.h | 1 + lustre/sec/gss/rawobj.c | 5 +++++ lustre/sec/gss/svcsec_gss.c | 12 ++++++++---- 3 files changed, 14 insertions(+), 4 deletions(-) diff --git a/lustre/sec/gss/gss_internal.h b/lustre/sec/gss/gss_internal.h index d1e0521..66dd290 100644 --- a/lustre/sec/gss/gss_internal.h +++ b/lustre/sec/gss/gss_internal.h @@ -103,6 +103,7 @@ int rawobj_equal(rawobj_t *a, rawobj_t *b); int rawobj_dup(rawobj_t *dest, rawobj_t *src); int rawobj_serialize(rawobj_t *obj, __u32 **buf, __u32 *buflen); int rawobj_extract(rawobj_t *obj, __u32 **buf, __u32 *buflen); +int rawobj_extract_alloc(rawobj_t *obj, __u32 **buf, __u32 *buflen); int rawobj_extract_local(rawobj_t *obj, __u32 **buf, __u32 *buflen); /* diff --git a/lustre/sec/gss/rawobj.c b/lustre/sec/gss/rawobj.c index dba01df..104a004 100644 --- a/lustre/sec/gss/rawobj.c +++ b/lustre/sec/gss/rawobj.c @@ -168,6 +168,11 @@ int rawobj_extract(rawobj_t *obj, __u32 **buf, __u32 *buflen) return __rawobj_extract(obj, buf, buflen, 0, 0); } +int rawobj_extract_alloc(rawobj_t *obj, __u32 **buf, __u32 *buflen) +{ + return __rawobj_extract(obj, buf, buflen, 1, 0); +} + int rawobj_extract_local(rawobj_t *obj, __u32 **buf, __u32 *buflen) { return __rawobj_extract(obj, buf, buflen, 0, 1); diff --git a/lustre/sec/gss/svcsec_gss.c b/lustre/sec/gss/svcsec_gss.c index 3087d03..03a6648 100644 --- a/lustre/sec/gss/svcsec_gss.c +++ b/lustre/sec/gss/svcsec_gss.c @@ -1300,7 +1300,11 @@ gss_svcsec_accept(struct ptlrpc_request *req, enum ptlrpcs_error *res) GOTO(err_free, rc = SVC_DROP); } - if (rawobj_extract(&gc->gc_ctx, &secdata, &seclen)) { + /* We _must_ alloc new storage for gc_ctx. In case of recovery + * request will be saved to delayed handling, at that time the + * incoming buffer might have already been released. + */ + if (rawobj_extract_alloc(&gc->gc_ctx, &secdata, &seclen)) { CERROR("fail to obtain gss context handle\n"); GOTO(err_free, rc = SVC_DROP); } @@ -1468,9 +1472,9 @@ void gss_svcsec_cleanup_req(struct ptlrpc_svcsec *svcsec, return; } - /* gsd->clclred.gc_ctx is NOT allocated, just set pointer - * to the incoming packet buffer, so don't need free it - */ + /* gc_ctx is allocated, see gss_svcsec_accept() */ + rawobj_free(&gsd->clcred.gc_ctx); + OBD_FREE(gsd, sizeof(*gsd)); req->rq_svcsec_data = NULL; return; -- 1.8.3.1