From 9519751c59f3a31b1c1fc2f7771699000aca09a2 Mon Sep 17 00:00:00 2001
From: Oleg Drokin <green@whamcloud.com>
Date: Mon, 18 Mar 2024 23:10:13 -0400
Subject: [PATCH] LU-17650 gss: fix use out of bounds in ptlrpc_gss

KASAN highlighted that the sockaddr_un struct is not enough
for the kernel primitives we use, so we have to use the
bigger sockaddr_storage for allocation, alas the field
names inside are different so we have to jump through some
hoops to make it actually work.
Also for a 128 byte allocation on stack variable is fine and
cannpot fail, so convert to that

Change-Id: I2292900b54756bf39530c96f7c5c228835562bef
Signed-off-by: Oleg Drokin <green@whamcloud.com>
Reviewed-on: https://review.whamcloud.com/c/fs/lustre-release/+/54452
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: James Simmons <jsimmons@infradead.org>
Reviewed-by: Arshad Hussain <arshad.hussain@aeoncomputing.com>
Reviewed-by: Sebastien Buisson <sbuisson@ddn.com>
---
 lustre/ptlrpc/gss/gss_svc_upcall.c | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)

diff --git a/lustre/ptlrpc/gss/gss_svc_upcall.c b/lustre/ptlrpc/gss/gss_svc_upcall.c
index d9072e9..626e59b 100644
--- a/lustre/ptlrpc/gss/gss_svc_upcall.c
+++ b/lustre/ptlrpc/gss/gss_svc_upcall.c
@@ -989,7 +989,8 @@ void gss_svc_upcall_destroy_ctx(struct gss_svc_ctx *ctx)
  */
 static int check_gssd_socket(void)
 {
-	struct sockaddr_un *sun;
+	struct sockaddr_storage sstorage = {0};
+	struct sockaddr_un *sun = (struct sockaddr_un *)&sstorage;
 	struct socket *sock;
 	int tries = 0;
 	int err;
@@ -1005,19 +1006,13 @@ static int check_gssd_socket(void)
 		return err;
 	}
 
-	OBD_ALLOC(sun, sizeof(*sun));
-	if (!sun) {
-		sock_release(sock);
-		return -ENOMEM;
-	}
-	memset(sun, 0, sizeof(*sun));
 	sun->sun_family = AF_UNIX;
 	strncpy(sun->sun_path, GSS_SOCKET_PATH, sizeof(sun->sun_path));
 
 	/* Try to connect to the socket */
 	while (tries++ < 6) {
-		err = kernel_connect(sock, (struct sockaddr *)sun,
-				     sizeof(*sun), 0);
+		err = kernel_connect(sock, (struct sockaddr *)&sstorage,
+				     sizeof(sstorage), 0);
 		if (!err)
 			break;
 		schedule_timeout_uninterruptible(cfs_time_seconds(1) / 4);
@@ -1028,7 +1023,6 @@ static int check_gssd_socket(void)
 		kernel_sock_shutdown(sock, SHUT_RDWR);
 
 	sock_release(sock);
-	OBD_FREE(sun, sizeof(*sun));
 	return err;
 }
 
-- 
1.8.3.1