* [PATCH] Set cred->user_ns in key_replace_session_keyring
@ 2011-05-26 20:25 Serge E. Hallyn
2011-05-26 20:31 ` Linus Torvalds
0 siblings, 1 reply; 5+ messages in thread
From: Serge E. Hallyn @ 2011-05-26 20:25 UTC (permalink / raw)
To: Linus Torvalds; +Cc: Robert Święcki, David Howells, lkml
Since this cred was not created with copy_creds(), it needs to get
initialized. Otherwise use of syscall(__NR_keyctl, KEYCTL_SESSION_TO_PARENT);
can lead to a NULL deref. Thanks to Robert for finding this.
Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com>
Reported-by: Robert Święcki <robert@swiecki.net>
Cc: David Howells <dhowells@redhat.com>
---
security/keys/process_keys.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index 6c0480d..92a3a5d 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -847,6 +847,7 @@ void key_replace_session_keyring(void)
new-> sgid = old-> sgid;
new->fsgid = old->fsgid;
new->user = get_uid(old->user);
+ new->user_ns = new->user->user_ns;
new->group_info = get_group_info(old->group_info);
new->securebits = old->securebits;
--
1.7.0.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] Set cred->user_ns in key_replace_session_keyring
2011-05-26 20:25 [PATCH] Set cred->user_ns in key_replace_session_keyring Serge E. Hallyn
@ 2011-05-26 20:31 ` Linus Torvalds
2011-05-26 20:38 ` Serge E. Hallyn
0 siblings, 1 reply; 5+ messages in thread
From: Linus Torvalds @ 2011-05-26 20:31 UTC (permalink / raw)
To: Serge E. Hallyn; +Cc: Robert Święcki, David Howells, lkml
Shouldn't this also be "Cc: stable" for 2.6.39?
Bug introduced by commit 47a150edc2a, no?
Linus
On Thu, May 26, 2011 at 1:25 PM, Serge E. Hallyn <serge@hallyn.com> wrote:
> Since this cred was not created with copy_creds(), it needs to get
> initialized. Otherwise use of syscall(__NR_keyctl, KEYCTL_SESSION_TO_PARENT);
> can lead to a NULL deref. Thanks to Robert for finding this.
>
> Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com>
> Reported-by: Robert Święcki <robert@swiecki.net>
> Cc: David Howells <dhowells@redhat.com>
> ---
> security/keys/process_keys.c | 1 +
> 1 files changed, 1 insertions(+), 0 deletions(-)
>
> diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
> index 6c0480d..92a3a5d 100644
> --- a/security/keys/process_keys.c
> +++ b/security/keys/process_keys.c
> @@ -847,6 +847,7 @@ void key_replace_session_keyring(void)
> new-> sgid = old-> sgid;
> new->fsgid = old->fsgid;
> new->user = get_uid(old->user);
> + new->user_ns = new->user->user_ns;
> new->group_info = get_group_info(old->group_info);
>
> new->securebits = old->securebits;
> --
> 1.7.0.4
>
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] Set cred->user_ns in key_replace_session_keyring
2011-05-26 20:31 ` Linus Torvalds
@ 2011-05-26 20:38 ` Serge E. Hallyn
2011-05-26 20:40 ` Linus Torvalds
0 siblings, 1 reply; 5+ messages in thread
From: Serge E. Hallyn @ 2011-05-26 20:38 UTC (permalink / raw)
To: Linus Torvalds
Cc: Serge E. Hallyn, Robert Święcki, David Howells, lkml, stable
Quoting Linus Torvalds (torvalds@linux-foundation.org):
> Shouldn't this also be "Cc: stable" for 2.6.39?
>
> Bug introduced by commit 47a150edc2a, no?
Yup, introduced there.
Stable/whoever, should I re-send this patch separately, or does this suffice?
thanks,
-serge
> Linus
>
> On Thu, May 26, 2011 at 1:25 PM, Serge E. Hallyn <serge@hallyn.com> wrote:
> > Since this cred was not created with copy_creds(), it needs to get
> > initialized. Otherwise use of syscall(__NR_keyctl, KEYCTL_SESSION_TO_PARENT);
> > can lead to a NULL deref. Thanks to Robert for finding this.
> >
> > Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com>
> > Reported-by: Robert Święcki <robert@swiecki.net>
> > Cc: David Howells <dhowells@redhat.com>
> > ---
> > security/keys/process_keys.c | 1 +
> > 1 files changed, 1 insertions(+), 0 deletions(-)
> >
> > diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
> > index 6c0480d..92a3a5d 100644
> > --- a/security/keys/process_keys.c
> > +++ b/security/keys/process_keys.c
> > @@ -847,6 +847,7 @@ void key_replace_session_keyring(void)
> > new-> sgid = old-> sgid;
> > new->fsgid = old->fsgid;
> > new->user = get_uid(old->user);
> > + new->user_ns = new->user->user_ns;
> > new->group_info = get_group_info(old->group_info);
> >
> > new->securebits = old->securebits;
> > --
> > 1.7.0.4
> >
> >
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] Set cred->user_ns in key_replace_session_keyring
2011-05-26 20:38 ` Serge E. Hallyn
@ 2011-05-26 20:40 ` Linus Torvalds
2011-05-27 0:04 ` Serge E. Hallyn
0 siblings, 1 reply; 5+ messages in thread
From: Linus Torvalds @ 2011-05-26 20:40 UTC (permalink / raw)
To: Serge E. Hallyn; +Cc: Robert Święcki, David Howells, lkml, stable
On Thu, May 26, 2011 at 1:38 PM, Serge E. Hallyn <serge@hallyn.com> wrote:
>
> Stable/whoever, should I re-send this patch separately, or does this suffice?
I'll add the Cc and update the description to point to the commit it
was introduced in, and it will all be fine. Then the stable team will
get it automatically when I push out.
Linus
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] Set cred->user_ns in key_replace_session_keyring
2011-05-26 20:40 ` Linus Torvalds
@ 2011-05-27 0:04 ` Serge E. Hallyn
0 siblings, 0 replies; 5+ messages in thread
From: Serge E. Hallyn @ 2011-05-27 0:04 UTC (permalink / raw)
To: Linus Torvalds
Cc: Serge E. Hallyn, Robert Święcki, David Howells, lkml, stable
Quoting Linus Torvalds (torvalds@linux-foundation.org):
> On Thu, May 26, 2011 at 1:38 PM, Serge E. Hallyn <serge@hallyn.com> wrote:
> >
> > Stable/whoever, should I re-send this patch separately, or does this suffice?
>
> I'll add the Cc and update the description to point to the commit it
> was introduced in, and it will all be fine. Then the stable team will
> get it automatically when I push out.
>
> Linus
Thanks very much. (I see now)
-serge
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2011-05-27 0:04 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-05-26 20:25 [PATCH] Set cred->user_ns in key_replace_session_keyring Serge E. Hallyn
2011-05-26 20:31 ` Linus Torvalds
2011-05-26 20:38 ` Serge E. Hallyn
2011-05-26 20:40 ` Linus Torvalds
2011-05-27 0:04 ` Serge E. Hallyn
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.