From: David Howells <dhowells@redhat.com>
To: keyrings@vger.kernel.org, ebiggers@kernel.org
Cc: James Morris <jamorris@linux.microsoft.com>,
dhowells@redhat.com, linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: [PATCH 02/10] keys: sparse: Fix incorrect RCU accesses [ver #3]
Date: Wed, 19 Jun 2019 13:19:00 +0000 [thread overview]
Message-ID: <156095034027.9363.14636937467673662369.stgit@warthog.procyon.org.uk> (raw)
In-Reply-To: <156095032052.9363.8954337545422131435.stgit@warthog.procyon.org.uk>
Fix a pair of accesses that should be using RCU protection.
rcu_dereference_protected() is needed to access task_struct::real_parent.
current_cred() should be used to access current->cred.
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: James Morris <jamorris@linux.microsoft.com>
---
security/keys/keyctl.c | 3 ++-
security/keys/request_key_auth.c | 2 +-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index 3e4053a217c3..0f947bcbad46 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -1524,7 +1524,8 @@ long keyctl_session_to_parent(void)
ret = -EPERM;
oldwork = NULL;
- parent = me->real_parent;
+ parent = rcu_dereference_protected(me->real_parent,
+ lockdep_is_held(&tasklist_lock));
/* the parent mustn't be init and mustn't be a kernel thread */
if (parent->pid <= 1 || !parent->mm)
diff --git a/security/keys/request_key_auth.c b/security/keys/request_key_auth.c
index bda6201c6c45..572c7a60473a 100644
--- a/security/keys/request_key_auth.c
+++ b/security/keys/request_key_auth.c
@@ -152,7 +152,7 @@ struct key *request_key_auth_new(struct key *target, const char *op,
struct key *dest_keyring)
{
struct request_key_auth *rka, *irka;
- const struct cred *cred = current->cred;
+ const struct cred *cred = current_cred();
struct key *authkey = NULL;
char desc[20];
int ret = -ENOMEM;
WARNING: multiple messages have this Message-ID (diff)
From: David Howells <dhowells@redhat.com>
To: keyrings@vger.kernel.org, ebiggers@kernel.org
Cc: James Morris <jamorris@linux.microsoft.com>,
dhowells@redhat.com, linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: [PATCH 02/10] keys: sparse: Fix incorrect RCU accesses [ver #3]
Date: Wed, 19 Jun 2019 14:19:00 +0100 [thread overview]
Message-ID: <156095034027.9363.14636937467673662369.stgit@warthog.procyon.org.uk> (raw)
In-Reply-To: <156095032052.9363.8954337545422131435.stgit@warthog.procyon.org.uk>
Fix a pair of accesses that should be using RCU protection.
rcu_dereference_protected() is needed to access task_struct::real_parent.
current_cred() should be used to access current->cred.
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: James Morris <jamorris@linux.microsoft.com>
---
security/keys/keyctl.c | 3 ++-
security/keys/request_key_auth.c | 2 +-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index 3e4053a217c3..0f947bcbad46 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -1524,7 +1524,8 @@ long keyctl_session_to_parent(void)
ret = -EPERM;
oldwork = NULL;
- parent = me->real_parent;
+ parent = rcu_dereference_protected(me->real_parent,
+ lockdep_is_held(&tasklist_lock));
/* the parent mustn't be init and mustn't be a kernel thread */
if (parent->pid <= 1 || !parent->mm)
diff --git a/security/keys/request_key_auth.c b/security/keys/request_key_auth.c
index bda6201c6c45..572c7a60473a 100644
--- a/security/keys/request_key_auth.c
+++ b/security/keys/request_key_auth.c
@@ -152,7 +152,7 @@ struct key *request_key_auth_new(struct key *target, const char *op,
struct key *dest_keyring)
{
struct request_key_auth *rka, *irka;
- const struct cred *cred = current->cred;
+ const struct cred *cred = current_cred();
struct key *authkey = NULL;
char desc[20];
int ret = -ENOMEM;
next prev parent reply other threads:[~2019-06-19 13:19 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-19 13:18 [PATCH 00/10] keys: Miscellany [ver #3] David Howells
2019-06-19 13:18 ` David Howells
2019-06-19 13:18 ` [PATCH 01/10] keys: sparse: Fix key_fs[ug]id_changed() " David Howells
2019-06-19 13:18 ` David Howells
2019-06-19 13:19 ` David Howells [this message]
2019-06-19 13:19 ` [PATCH 02/10] keys: sparse: Fix incorrect RCU accesses " David Howells
2019-06-19 13:19 ` [PATCH 03/10] keys: sparse: Fix kdoc mismatches " David Howells
2019-06-19 13:19 ` David Howells
2019-06-19 13:19 ` [PATCH 04/10] keys: Change keyring_serialise_link_sem to a mutex " David Howells
2019-06-19 13:19 ` David Howells
2019-06-19 13:19 ` [PATCH 05/10] keys: Break bits out of key_unlink() " David Howells
2019-06-19 13:19 ` David Howells
2019-06-19 13:19 ` [PATCH 06/10] keys: Hoist locking out of __key_link_begin() " David Howells
2019-06-19 13:19 ` David Howells
2019-06-19 13:19 ` [PATCH 07/10] keys: Add a keyctl to move a key between keyrings " David Howells
2019-06-19 13:19 ` David Howells
2019-06-19 13:19 ` [PATCH 08/10] keys: Grant Link permission to possessers of request_key auth keys " David Howells
2019-06-19 13:19 ` David Howells
2019-06-19 13:19 ` [PATCH 09/10] keys: Reuse keyring_index_key::desc_len in lookup_user_key() " David Howells
2019-06-19 13:19 ` David Howells
2019-06-19 13:20 ` [PATCH 10/10] keys: Add capability-checking keyctl function " David Howells
2019-06-19 13:20 ` David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=156095034027.9363.14636937467673662369.stgit@warthog.procyon.org.uk \
--to=dhowells@redhat.com \
--cc=ebiggers@kernel.org \
--cc=jamorris@linux.microsoft.com \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.