From: Akinobu Mita <akinobu.mita@gmail.com>

Reloading rpcsec_gss_krb5 or rpcsec_gss_spkm3 hit duplicate registration in
svcauth_gss_register_pseudoflavor().  (If DEBUG_PAGEALLOC is enabled, oops
will happen at auth_domain_put() --> hlist_del() with uninitialized
hlist_node)

svcauth_gss_register_pseudoflavor(u32 pseudoflavor, char * name)
{
	...

        test = auth_domain_lookup(name, &new->h);
        if (test != &new->h) { /* XXX Duplicate registration? */
                auth_domain_put(&new->h);
                /* dangling ref-count... */
	...
}

This patch unregisters gss_domain and free it when unloading
modules.

- Define svcauth_gss_unregister_pseudoflavor()
  (doing the opposite of svcauth_gss_register_pseudoflavor())

- Call svcauth_gss_unregister_pseudoflavor() in gss_mech_free()

Cc: Andy Adamson <andros@citi.umich.edu>
Cc: J. Bruce Fields <bfields@citi.umich.edu>
Cc: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
---

 include/linux/sunrpc/svcauth_gss.h    |    1 +
 net/sunrpc/auth_gss/gss_mech_switch.c |    8 +++++++-
 net/sunrpc/auth_gss/svcauth_gss.c     |   20 +++++++++++++++++---
 3 files changed, 25 insertions(+), 4 deletions(-)

diff -puN include/linux/sunrpc/svcauth_gss.h~auth_gss-unregister-gss_domain-when-unloading-module include/linux/sunrpc/svcauth_gss.h
--- a/include/linux/sunrpc/svcauth_gss.h~auth_gss-unregister-gss_domain-when-unloading-module
+++ a/include/linux/sunrpc/svcauth_gss.h
@@ -22,6 +22,7 @@
 int gss_svc_init(void);
 void gss_svc_shutdown(void);
 int svcauth_gss_register_pseudoflavor(u32 pseudoflavor, char * name);
+void svcauth_gss_unregister_pseudoflavor(char *name);
 
 #endif /* __KERNEL__ */
 #endif /* _LINUX_SUNRPC_SVCAUTH_GSS_H */
diff -puN net/sunrpc/auth_gss/gss_mech_switch.c~auth_gss-unregister-gss_domain-when-unloading-module net/sunrpc/auth_gss/gss_mech_switch.c
--- a/net/sunrpc/auth_gss/gss_mech_switch.c~auth_gss-unregister-gss_domain-when-unloading-module
+++ a/net/sunrpc/auth_gss/gss_mech_switch.c
@@ -60,6 +60,9 @@ gss_mech_free(struct gss_api_mech *gm)
 
 	for (i = 0; i < gm->gm_pf_num; i++) {
 		pf = &gm->gm_pfs[i];
+		if (!pf->auth_domain_name)
+			continue;
+		svcauth_gss_unregister_pseudoflavor(pf->auth_domain_name);
 		kfree(pf->auth_domain_name);
 		pf->auth_domain_name = NULL;
 	}
@@ -93,8 +96,11 @@ gss_mech_svc_setup(struct gss_api_mech *
 			goto out;
 		status = svcauth_gss_register_pseudoflavor(pf->pseudoflavor,
 							pf->auth_domain_name);
-		if (status)
+		if (status) {
+			kfree(pf->auth_domain_name);
+			pf->auth_domain_name = NULL;
 			goto out;
+		}
 	}
 	return 0;
 out:
diff -puN net/sunrpc/auth_gss/svcauth_gss.c~auth_gss-unregister-gss_domain-when-unloading-module net/sunrpc/auth_gss/svcauth_gss.c
--- a/net/sunrpc/auth_gss/svcauth_gss.c~auth_gss-unregister-gss_domain-when-unloading-module
+++ a/net/sunrpc/auth_gss/svcauth_gss.c
@@ -762,9 +762,10 @@ svcauth_gss_register_pseudoflavor(u32 ps
 
 	test = auth_domain_lookup(name, &new->h);
 	if (test != &new->h) { /* XXX Duplicate registration? */
-		auth_domain_put(&new->h);
-		/* dangling ref-count... */
-		goto out;
+		WARN_ON(1);
+		stat = -EBUSY;
+		kfree(new->h.name);
+		goto out_free_dom;
 	}
 	return 0;
 
@@ -776,6 +777,19 @@ out:
 
 EXPORT_SYMBOL(svcauth_gss_register_pseudoflavor);
 
+void svcauth_gss_unregister_pseudoflavor(char *name)
+{
+	struct auth_domain *dom;
+
+	dom = auth_domain_find(name);
+	if (dom) {
+		auth_domain_put(dom);
+		auth_domain_put(dom);
+	}
+}
+
+EXPORT_SYMBOL(svcauth_gss_unregister_pseudoflavor);
+
 static inline int
 read_u32_from_xdr_buf(struct xdr_buf *buf, int base, u32 *obj)
 {
_