From: David Howells <dhowells@redhat.com>
To: keyrings@vger.kernel.org, ebiggers@kernel.org
Cc: James Morris <jamorris@linux.microsoft.com>,
dhowells@redhat.com, linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: [PATCH 01/10] keys: sparse: Fix key_fs[ug]id_changed() [ver #3]
Date: Wed, 19 Jun 2019 14:18:51 +0100
Message-ID: <156095033115.9363.3778890760816757211.stgit@warthog.procyon.org.uk>
In-Reply-To: <156095032052.9363.8954337545422131435.stgit@warthog.procyon.org.uk>

Sparse warnings are incurred by key_fs[ug]id_changed() due to unprotected
accesses of tsk->cred, which is marked __rcu.

Fix this by passing the new cred struct to these functions from
commit_creds() rather than the task pointer.

Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: James Morris <jamorris@linux.microsoft.com>
---
include/linux/key.h | 8 ++++----
kernel/cred.c | 4 ++--
security/keys/process_keys.c | 22 ++++++++++------------
3 files changed, 16 insertions(+), 18 deletions(-)
diff --git a/include/linux/key.h b/include/linux/key.h
index 7099985e35a9..1f09aad1c98c 100644
--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -402,8 +402,8 @@ extern struct ctl_table key_sysctls[];
* the userspace interface
*/
extern int install_thread_keyring_to_cred(struct cred *cred);
-extern void key_fsuid_changed(struct task_struct *tsk);
-extern void key_fsgid_changed(struct task_struct *tsk);
+extern void key_fsuid_changed(struct cred *new_cred);
+extern void key_fsgid_changed(struct cred *new_cred);
extern void key_init(void);
#else /* CONFIG_KEYS */
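Review bot: the new prototypes take a non-const `struct cred *new_cred`, yet the only uses in security/keys/process_keys.c read `new_cred->fsuid`/`new_cred->fsgid` and the `thread_keyring` pointer; the stores go to the keyring, not to the cred. Consider `const struct cred *new_cred` here so the header documents that these helpers do not modify the credentials they are handed.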
@@ -418,8 +418,8 @@ extern void key_init(void);
#define make_key_ref(k, p) NULL
#define key_ref_to_ptr(k) NULL
#define is_key_possessed(k) 0
-#define key_fsuid_changed(t) do { } while(0)
-#define key_fsgid_changed(t) do { } while(0)
+#define key_fsuid_changed(c) do { } while(0)
+#define key_fsgid_changed(c) do { } while(0)
#define key_init() do { } while(0)
#endif /* CONFIG_KEYS */
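Review bot: the !CONFIG_KEYS stubs remain argument-discarding macros, so renaming the parameter from (t) to (c) is cosmetic and a caller that still passes a task pointer would build cleanly with CONFIG_KEYS=n. Turning these two into empty static inline functions taking `struct cred *` would get the new signature type-checked in both configurations.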
diff --git a/kernel/cred.c b/kernel/cred.c
index 45d77284aed0..3bd40de9e192 100644
--- a/kernel/cred.c
+++ b/kernel/cred.c
@@ -455,9 +455,9 @@ int commit_creds(struct cred *new)
/* alter the thread keyring */
if (!uid_eq(new->fsuid, old->fsuid))
- key_fsuid_changed(task);
+ key_fsuid_changed(new);
if (!gid_eq(new->fsgid, old->fsgid))
- key_fsgid_changed(task);
+ key_fsgid_changed(new);
/* do it
* RLIMIT_NPROC limits on user->processes have already been checked
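Review bot: the changelog presents this as a sparse-only fix, but in commit_creds() the source of the fsuid/fsgid copied into the thread keyring switches from `task->cred` to `new`, and this hunk itself compares `new` against `old` as distinct creds at this point, ahead of the "/* do it" block. If `task->cred` does not yet point at `new` here, the value stored in the keyring changes with this patch; please state in the commit message whether that change is intended.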
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index f05f7125a7d5..ba5d3172cafe 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -293,28 +293,26 @@ static int install_session_keyring(struct key *keyring)
/*
* Handle the fsuid changing.
*/
-void key_fsuid_changed(struct task_struct *tsk)
+void key_fsuid_changed(struct cred *new_cred)
{
/* update the ownership of the thread keyring */
- BUG_ON(!tsk->cred);
- if (tsk->cred->thread_keyring) {
- down_write(&tsk->cred->thread_keyring->sem);
- tsk->cred->thread_keyring->uid = tsk->cred->fsuid;
- up_write(&tsk->cred->thread_keyring->sem);
+ if (new_cred->thread_keyring) {
+ down_write(&new_cred->thread_keyring->sem);
+ new_cred->thread_keyring->uid = new_cred->fsuid;
+ up_write(&new_cred->thread_keyring->sem);
}
}
/*
* Handle the fsgid changing.
*/
-void key_fsgid_changed(struct task_struct *tsk)
+void key_fsgid_changed(struct cred *new_cred)
{
/* update the ownership of the thread keyring */
- BUG_ON(!tsk->cred);
- if (tsk->cred->thread_keyring) {
- down_write(&tsk->cred->thread_keyring->sem);
- tsk->cred->thread_keyring->gid = tsk->cred->fsgid;
- up_write(&tsk->cred->thread_keyring->sem);
+ if (new_cred->thread_keyring) {
+ down_write(&new_cred->thread_keyring->sem);
+ new_cred->thread_keyring->gid = new_cred->fsgid;
+ up_write(&new_cred->thread_keyring->sem);
}
}
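Review bot: both functions drop `BUG_ON(!tsk->cred)` and now dereference `new_cred` unconditionally, which the changelog does not mention. The commit_creds() caller has already read `new->fsuid` and `new->fsgid` before calling, so NULL cannot arrive from there, but a line in the commit message, or in the comment above each function saying that new_cred must be a valid cred supplied by commit_creds(), would make the removal read as deliberate.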