From: David Howells <dhowells@redhat.com>
To: torvalds@linux-foundation.org
Cc: dhowells@redhat.com, jarkko.sakkinen@linux.intel.com,
longman@redhat.com, keyrings@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: [GIT PULL] keys: Fix key->sem vs mmap_sem issue when reading key
Date: Mon, 30 Mar 2020 12:16:38 +0000 [thread overview]
Message-ID: <1437197.1585570598@warthog.procyon.org.uk> (raw)
Hi Linus,
Here's a couple of patches that fix a circular dependency between holding
key->sem and mm->mmap_sem when reading data from a key. One potential
issue is that a filesystem looking to use a key inside, say, ->readpages()
could deadlock if the key being read is the key that's required and the
buffer the key is being read into is on a page that needs to be fetched.
The case actually detected is a bit more involved - with a filesystem
calling request_key() and locking the target keyring for write - which
could be being read.
[Note: kbuild spotted a compiler(?) warning that I've not seen before,
complaining "The scope of the variable 'oldxdr' can be reduced.
[variableScope]". It's unhappy that a variable that's declared at the top
of the function hasn't been moved into an interior for-loop. Is this
something we're now requiring? Anyway, I'd prefer to fix that with a
follow up patch through the net tree rather than go for a 9th iteration on
these patches.]
Thanks,
David
---
The following changes since commit 1b649e0bcae71c118c1333e02249a7510ba7f70a:
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net (2020-03-25 13:58:05 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git tags/keys-fixes-20200329
for you to fetch changes up to 4f0882491a148059a52480e753b7f07fc550e188:
KEYS: Avoid false positive ENOMEM error on key read (2020-03-29 12:40:41 +0100)
----------------------------------------------------------------
Keyrings fixes
----------------------------------------------------------------
Waiman Long (2):
KEYS: Don't write out to userspace while holding key semaphore
KEYS: Avoid false positive ENOMEM error on key read
include/keys/big_key-type.h | 2 +-
include/keys/user-type.h | 3 +-
include/linux/key-type.h | 2 +-
net/dns_resolver/dns_key.c | 2 +-
net/rxrpc/key.c | 27 +++-----
security/keys/big_key.c | 11 ++--
security/keys/encrypted-keys/encrypted.c | 7 +-
security/keys/internal.h | 12 ++++
security/keys/keyctl.c | 103 +++++++++++++++++++++++++-----
security/keys/keyring.c | 6 +-
security/keys/request_key_auth.c | 7 +-
security/keys/trusted-keys/trusted_tpm1.c | 14 +---
security/keys/user_defined.c | 5 +-
13 files changed, 126 insertions(+), 75 deletions(-)
next reply other threads:[~2020-03-30 12:16 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-30 12:16 David Howells [this message]
2020-04-04 20:00 ` [GIT PULL] keys: Fix key->sem vs mmap_sem issue when reading key Linus Torvalds
2020-04-05 3:10 ` Waiman Long
2020-04-05 9:03 ` David Howells
2020-04-05 17:31 ` Linus Torvalds
2020-04-06 2:38 ` Waiman Long
2020-04-04 20:05 ` pr-tracker-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1437197.1585570598@warthog.procyon.org.uk \
--to=dhowells@redhat.com \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=longman@redhat.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).