From: David Howells <dhowells@redhat.com>
To: torvalds@linux-foundation.org
Cc: dhowells@redhat.com, Jarkko Sakkinen <jarkko@kernel.org>,
Bharath SM <bharathsm@microsoft.com>,
Shyam Prasad N <nspmangalore@gmail.com>,
Steve French <smfrench@gmail.com>,
Robbie Harwood <rharwood@redhat.com>,
Eric Biederman <ebiederm@xmission.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
keyrings@vger.kernel.org, linux-cifs@vger.kernel.org,
linux-crypto@vger.kernel.org, kexec@lists.infradead.org,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [GIT PULL] keys: Miscellaneous fixes/changes
Date: Tue, 21 Mar 2023 16:43:49 +0000 [thread overview]
Message-ID: <2851036.1679417029@warthog.procyon.org.uk> (raw)
Hi Linus,
Could you pull these fixes/changes for keyrings?
(1) Fix request_key() so that it doesn't cache a looked up key on the
current thread if that thread is a kernel thread. The cache is
cleared during notify_resume - but that doesn't happen in kernel
threads. This is causing cifs DNS keys to be un-invalidateable.
(2) Fix a wrapper check in verify_pefile() to not round up the length.
(3) Change asymmetric_keys code to log errors to make it easier for users
to work out why failures occurred.
Thanks,
David
---
The following changes since commit fc89d7fb499b0162e081f434d45e8d1b47e82ece:
Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost (2023-03-13 10:43:09 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git tags/keys-fixes-20230321
for you to fetch changes up to 3584c1dbfffdabf8e3dc1dd25748bb38dd01cd43:
asymmetric_keys: log on fatal failures in PE/pkcs7 (2023-03-21 16:23:56 +0000)
----------------------------------------------------------------
keyrings fixes
----------------------------------------------------------------
David Howells (1):
keys: Do not cache key in task struct if key is requested from kernel thread
Robbie Harwood (2):
verify_pefile: relax wrapper length check
asymmetric_keys: log on fatal failures in PE/pkcs7
crypto/asymmetric_keys/pkcs7_verify.c | 10 +++++-----
crypto/asymmetric_keys/verify_pefile.c | 32 ++++++++++++++++++--------------
security/keys/request_key.c | 9 ++++++---
3 files changed, 29 insertions(+), 22 deletions(-)
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
WARNING: multiple messages have this Message-ID (diff)
From: David Howells <dhowells@redhat.com>
To: torvalds@linux-foundation.org
Cc: dhowells@redhat.com, Jarkko Sakkinen <jarkko@kernel.org>,
Bharath SM <bharathsm@microsoft.com>,
Shyam Prasad N <nspmangalore@gmail.com>,
Steve French <smfrench@gmail.com>,
Robbie Harwood <rharwood@redhat.com>,
Eric Biederman <ebiederm@xmission.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
keyrings@vger.kernel.org, linux-cifs@vger.kernel.org,
linux-crypto@vger.kernel.org, kexec@lists.infradead.org,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [GIT PULL] keys: Miscellaneous fixes/changes
Date: Tue, 21 Mar 2023 16:43:49 +0000 [thread overview]
Message-ID: <2851036.1679417029@warthog.procyon.org.uk> (raw)
Hi Linus,
Could you pull these fixes/changes for keyrings?
(1) Fix request_key() so that it doesn't cache a looked up key on the
current thread if that thread is a kernel thread. The cache is
cleared during notify_resume - but that doesn't happen in kernel
threads. This is causing cifs DNS keys to be un-invalidateable.
(2) Fix a wrapper check in verify_pefile() to not round up the length.
(3) Change asymmetric_keys code to log errors to make it easier for users
to work out why failures occurred.
Thanks,
David
---
The following changes since commit fc89d7fb499b0162e081f434d45e8d1b47e82ece:
Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost (2023-03-13 10:43:09 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git tags/keys-fixes-20230321
for you to fetch changes up to 3584c1dbfffdabf8e3dc1dd25748bb38dd01cd43:
asymmetric_keys: log on fatal failures in PE/pkcs7 (2023-03-21 16:23:56 +0000)
----------------------------------------------------------------
keyrings fixes
----------------------------------------------------------------
David Howells (1):
keys: Do not cache key in task struct if key is requested from kernel thread
Robbie Harwood (2):
verify_pefile: relax wrapper length check
asymmetric_keys: log on fatal failures in PE/pkcs7
crypto/asymmetric_keys/pkcs7_verify.c | 10 +++++-----
crypto/asymmetric_keys/verify_pefile.c | 32 ++++++++++++++++++--------------
security/keys/request_key.c | 9 ++++++---
3 files changed, 29 insertions(+), 22 deletions(-)
next reply other threads:[~2023-03-21 16:44 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-21 16:43 David Howells [this message]
2023-03-21 16:43 ` [GIT PULL] keys: Miscellaneous fixes/changes David Howells
2023-03-21 18:48 ` Linus Torvalds
2023-03-21 18:48 ` Linus Torvalds
2023-03-21 19:16 ` Jens Axboe
2023-03-21 19:16 ` Jens Axboe
2023-03-21 19:21 ` Linus Torvalds
2023-03-21 19:21 ` Linus Torvalds
2023-03-21 19:32 ` Jens Axboe
2023-03-21 19:32 ` Jens Axboe
2023-03-21 19:12 ` pr-tracker-bot
2023-03-21 19:12 ` pr-tracker-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2851036.1679417029@warthog.procyon.org.uk \
--to=dhowells@redhat.com \
--cc=bharathsm@microsoft.com \
--cc=ebiederm@xmission.com \
--cc=herbert@gondor.apana.org.au \
--cc=jarkko@kernel.org \
--cc=kexec@lists.infradead.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-cifs@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=nspmangalore@gmail.com \
--cc=rharwood@redhat.com \
--cc=smfrench@gmail.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.