From: David Howells <dhowells@redhat.com> To: torvalds@linux-foundation.org Cc: dhowells@redhat.com, Jarkko Sakkinen <jarkko@kernel.org>, Bharath SM <bharathsm@microsoft.com>, Shyam Prasad N <nspmangalore@gmail.com>, Steve French <smfrench@gmail.com>, Robbie Harwood <rharwood@redhat.com>, Eric Biederman <ebiederm@xmission.com>, Herbert Xu <herbert@gondor.apana.org.au>, keyrings@vger.kernel.org, linux-cifs@vger.kernel.org, linux-crypto@vger.kernel.org, kexec@lists.infradead.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [GIT PULL] keys: Miscellaneous fixes/changes Date: Tue, 21 Mar 2023 16:43:49 +0000 [thread overview] Message-ID: <2851036.1679417029@warthog.procyon.org.uk> (raw) Hi Linus, Could you pull these fixes/changes for keyrings? (1) Fix request_key() so that it doesn't cache a looked up key on the current thread if that thread is a kernel thread. The cache is cleared during notify_resume - but that doesn't happen in kernel threads. This is causing cifs DNS keys to be un-invalidateable. (2) Fix a wrapper check in verify_pefile() to not round up the length. (3) Change asymmetric_keys code to log errors to make it easier for users to work out why failures occurred. Thanks, David --- The following changes since commit fc89d7fb499b0162e081f434d45e8d1b47e82ece: Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost (2023-03-13 10:43:09 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git tags/keys-fixes-20230321 for you to fetch changes up to 3584c1dbfffdabf8e3dc1dd25748bb38dd01cd43: asymmetric_keys: log on fatal failures in PE/pkcs7 (2023-03-21 16:23:56 +0000) ---------------------------------------------------------------- keyrings fixes ---------------------------------------------------------------- David Howells (1): keys: Do not cache key in task struct if key is requested from kernel thread Robbie Harwood (2): verify_pefile: relax wrapper length check asymmetric_keys: log on fatal failures in PE/pkcs7 crypto/asymmetric_keys/pkcs7_verify.c | 10 +++++----- crypto/asymmetric_keys/verify_pefile.c | 32 ++++++++++++++++++-------------- security/keys/request_key.c | 9 ++++++--- 3 files changed, 29 insertions(+), 22 deletions(-) _______________________________________________ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec
WARNING: multiple messages have this Message-ID (diff)
From: David Howells <dhowells@redhat.com> To: torvalds@linux-foundation.org Cc: dhowells@redhat.com, Jarkko Sakkinen <jarkko@kernel.org>, Bharath SM <bharathsm@microsoft.com>, Shyam Prasad N <nspmangalore@gmail.com>, Steve French <smfrench@gmail.com>, Robbie Harwood <rharwood@redhat.com>, Eric Biederman <ebiederm@xmission.com>, Herbert Xu <herbert@gondor.apana.org.au>, keyrings@vger.kernel.org, linux-cifs@vger.kernel.org, linux-crypto@vger.kernel.org, kexec@lists.infradead.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [GIT PULL] keys: Miscellaneous fixes/changes Date: Tue, 21 Mar 2023 16:43:49 +0000 [thread overview] Message-ID: <2851036.1679417029@warthog.procyon.org.uk> (raw) Hi Linus, Could you pull these fixes/changes for keyrings? (1) Fix request_key() so that it doesn't cache a looked up key on the current thread if that thread is a kernel thread. The cache is cleared during notify_resume - but that doesn't happen in kernel threads. This is causing cifs DNS keys to be un-invalidateable. (2) Fix a wrapper check in verify_pefile() to not round up the length. (3) Change asymmetric_keys code to log errors to make it easier for users to work out why failures occurred. Thanks, David --- The following changes since commit fc89d7fb499b0162e081f434d45e8d1b47e82ece: Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost (2023-03-13 10:43:09 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git tags/keys-fixes-20230321 for you to fetch changes up to 3584c1dbfffdabf8e3dc1dd25748bb38dd01cd43: asymmetric_keys: log on fatal failures in PE/pkcs7 (2023-03-21 16:23:56 +0000) ---------------------------------------------------------------- keyrings fixes ---------------------------------------------------------------- David Howells (1): keys: Do not cache key in task struct if key is requested from kernel thread Robbie Harwood (2): verify_pefile: relax wrapper length check asymmetric_keys: log on fatal failures in PE/pkcs7 crypto/asymmetric_keys/pkcs7_verify.c | 10 +++++----- crypto/asymmetric_keys/verify_pefile.c | 32 ++++++++++++++++++-------------- security/keys/request_key.c | 9 ++++++--- 3 files changed, 29 insertions(+), 22 deletions(-)
next reply other threads:[~2023-03-21 16:44 UTC|newest] Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top 2023-03-21 16:43 David Howells [this message] 2023-03-21 16:43 ` [GIT PULL] keys: Miscellaneous fixes/changes David Howells 2023-03-21 18:48 ` Linus Torvalds 2023-03-21 18:48 ` Linus Torvalds 2023-03-21 19:16 ` Jens Axboe 2023-03-21 19:16 ` Jens Axboe 2023-03-21 19:21 ` Linus Torvalds 2023-03-21 19:21 ` Linus Torvalds 2023-03-21 19:32 ` Jens Axboe 2023-03-21 19:32 ` Jens Axboe 2023-03-21 19:12 ` pr-tracker-bot 2023-03-21 19:12 ` pr-tracker-bot
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=2851036.1679417029@warthog.procyon.org.uk \ --to=dhowells@redhat.com \ --cc=bharathsm@microsoft.com \ --cc=ebiederm@xmission.com \ --cc=herbert@gondor.apana.org.au \ --cc=jarkko@kernel.org \ --cc=kexec@lists.infradead.org \ --cc=keyrings@vger.kernel.org \ --cc=linux-cifs@vger.kernel.org \ --cc=linux-crypto@vger.kernel.org \ --cc=linux-fsdevel@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=nspmangalore@gmail.com \ --cc=rharwood@redhat.com \ --cc=smfrench@gmail.com \ --cc=torvalds@linux-foundation.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.