From: Kirill Marinushkin <k.marinushkin@gmail.com>
To: dhowells@redhat.com
Cc: k.marinushkin@gmail.com, zer0mem@yahoo.com,
gregkh@linuxfoundation.org, serge@hallyn.com,
james.l.morris@oracle.com, keyrings@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org, stable@vger.kernel.org
Subject: RE: [RFC][PATCH] KEYS: Sort out big_key initialisation
Date: Thu, 11 Aug 2016 21:48:07 +0200 [thread overview]
Message-ID: <1470944887-8869-1-git-send-email-k.marinushkin@gmail.com> (raw)
In-Reply-To: <10390.1469625815@warthog.procyon.org.uk>
> The attached patch *might* fix the problem that's being seen. It certainly
> fixes the init problem.
I tested that the patch suggested in the original RFC works and really fixes
the issue.
The issue reproduses always with the reporter's configuration.
After applying the patch suggested in the original RFC, big_key returns error
code instead of crashing.
Tested with:
method suggested in the original report;
method suggested in the original RFC;
some other tests.
Additionally below is a fix for dependency.
After applying this patch big_key is created and read successfully.
---
commit 69ed34b303f87a1a53470dd37149ac1573d79da2
Author: Kirill Marinushkin <k.marinushkin@gmail.com>
Date: Mon, 8 Aug 2016 23:19:32 +0200
KEYS: fix big_key dependency
Signed-off-by: Kirill Marinushkin <k.marinushkin@gmail.com>
cc: David Howells <dhowells@redhat.com>
cc: Peter Hlavaty <zer0mem@yahoo.com>
cc: Greg KH <gregkh@linuxfoundation.org>
cc: stable@vger.kernel.org
---
security/keys/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/keys/Kconfig b/security/keys/Kconfig
index f826e87..8213221 100644
--- a/security/keys/Kconfig
+++ b/security/keys/Kconfig
@@ -44,7 +44,7 @@ config BIG_KEYS
select CRYPTO
select CRYPTO_AES
select CRYPTO_ECB
- select CRYPTO_RNG
+ select CRYPTO_ANSI_CPRNG
help
This option provides support for holding large keys within the kernel
(for example Kerberos ticket caches). The data may be stored out to
--
1.9.1
next prev parent reply other threads:[~2016-08-11 19:48 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <47074.85917.bm@smtp228.mail.bf1.yahoo.com>
[not found] ` <531421.11642.bm@smtp201.mail.bf1.yahoo.com>
2016-07-22 21:41 ` [zer0mem@yahoo.com: [oss-security] panic at big_key_preparse #4.7-r6/rc7 & master] Greg KH
2016-07-25 13:00 ` David Howells
2016-07-25 21:45 ` David Howells
2016-07-26 7:45 ` David Howells
2016-07-26 9:17 ` Vegard Nossum
2016-07-26 10:12 ` David Howells
2016-07-25 13:06 ` David Howells
2016-07-25 15:27 ` David Howells
2016-07-25 20:17 ` Greg KH
2016-07-26 22:45 ` David Howells
2016-08-25 22:08 ` Kirill Marinushkin
2016-07-27 13:23 ` [RFC][PATCH] KEYS: Sort out big_key initialisation David Howells
2016-08-10 18:20 ` Kirill Marinushkin
2016-08-11 19:48 ` Kirill Marinushkin [this message]
2016-08-27 10:22 ` [zer0mem@yahoo.com: [oss-security] panic at big_key_preparse #4.7-r6/rc7 & master] Kirill Marinushkin
2016-08-09 16:38 [RFC][PATCH] KEYS: Sort out big_key initialisation Kirill Marinushkin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1470944887-8869-1-git-send-email-k.marinushkin@gmail.com \
--to=k.marinushkin@gmail.com \
--cc=dhowells@redhat.com \
--cc=gregkh@linuxfoundation.org \
--cc=james.l.morris@oracle.com \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=serge@hallyn.com \
--cc=stable@vger.kernel.org \
--cc=zer0mem@yahoo.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.