From: David Howells <dhowells@redhat.com>
To: keyrings@vger.kernel.org
Cc: dhowells@redhat.com, linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: [PATCH 2/7] keys: sparse: Fix incorrect RCU accesses
Date: Wed, 22 May 2019 23:28:17 +0100 [thread overview]
Message-ID: <155856409697.10428.15024260088836364169.stgit@warthog.procyon.org.uk> (raw)
In-Reply-To: <155856408314.10428.17035328117829912815.stgit@warthog.procyon.org.uk>
Fix a pair of accesses that should be using RCU protection.
rcu_dereference_protected() is needed to access task_struct::real_parent.
current_cred() should be used to access current->cred.
Signed-off-by: David Howells <dhowells@redhat.com>
---
security/keys/keyctl.c | 3 ++-
security/keys/request_key_auth.c | 2 +-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index 3e4053a217c3..0f947bcbad46 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -1524,7 +1524,8 @@ long keyctl_session_to_parent(void)
ret = -EPERM;
oldwork = NULL;
- parent = me->real_parent;
+ parent = rcu_dereference_protected(me->real_parent,
+ lockdep_is_held(&tasklist_lock));
/* the parent mustn't be init and mustn't be a kernel thread */
if (parent->pid <= 1 || !parent->mm)
diff --git a/security/keys/request_key_auth.c b/security/keys/request_key_auth.c
index bda6201c6c45..572c7a60473a 100644
--- a/security/keys/request_key_auth.c
+++ b/security/keys/request_key_auth.c
@@ -152,7 +152,7 @@ struct key *request_key_auth_new(struct key *target, const char *op,
struct key *dest_keyring)
{
struct request_key_auth *rka, *irka;
- const struct cred *cred = current->cred;
+ const struct cred *cred = current_cred();
struct key *authkey = NULL;
char desc[20];
int ret = -ENOMEM;
next prev parent reply other threads:[~2019-05-22 22:28 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-22 22:28 [PATCH 0/7] keys: Miscellany David Howells
2019-05-22 22:28 ` [PATCH 1/7] keys: sparse: Fix key_fs[ug]id_changed() David Howells
2019-05-24 19:38 ` James Morris
2019-05-22 22:28 ` David Howells [this message]
2019-05-25 3:57 ` [PATCH 2/7] keys: sparse: Fix incorrect RCU accesses James Morris
2019-05-22 22:28 ` [PATCH 3/7] keys: sparse: Fix kdoc mismatches David Howells
2019-05-25 3:57 ` James Morris
2019-05-22 22:28 ` [PATCH 4/7] keys: Break bits out of key_unlink() David Howells
2019-05-28 20:41 ` James Morris
2019-05-22 22:28 ` [PATCH 5/7] keys: Make __key_link_begin() handle lockdep nesting David Howells
2019-05-28 20:42 ` James Morris
2019-05-22 22:28 ` [PATCH 6/7] keys: Add a keyctl to move a key between keyrings David Howells
2019-05-28 20:51 ` James Morris
2019-05-29 21:34 ` David Howells
2019-05-29 23:25 ` Eric Biggers
2019-05-30 13:31 ` David Howells
2019-05-22 22:28 ` [PATCH 7/7] keys: Grant Link permission to possessers of request_key auth keys David Howells
2019-05-28 21:01 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=155856409697.10428.15024260088836364169.stgit@warthog.procyon.org.uk \
--to=dhowells@redhat.com \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).