cifs: explicitly revoke SPNEGO key after session setup
cifs: explicitly revoke SPNEGO key after session setup The SPNEGO blob returned by an upcall can only be used once. Explicitly revoke it to make sure that we never pick it up again after session setup exits. This doesn't seem to be that big an issue on more recent kernels, but older kernels seem to link keys into the session keyring by default. That said, explicitly revoking the key seems like a reasonable thing to do here. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
This commit is contained in:
parent
d9414774dc
commit
dfd15c46a6
|
@ -624,8 +624,10 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time,
|
||||||
ses, nls_cp);
|
ses, nls_cp);
|
||||||
|
|
||||||
ssetup_exit:
|
ssetup_exit:
|
||||||
if (spnego_key)
|
if (spnego_key) {
|
||||||
|
key_revoke(spnego_key);
|
||||||
key_put(spnego_key);
|
key_put(spnego_key);
|
||||||
|
}
|
||||||
kfree(str_area);
|
kfree(str_area);
|
||||||
if (resp_buf_type == CIFS_SMALL_BUFFER) {
|
if (resp_buf_type == CIFS_SMALL_BUFFER) {
|
||||||
cFYI(1, ("ssetup freeing small buf %p", iov[0].iov_base));
|
cFYI(1, ("ssetup freeing small buf %p", iov[0].iov_base));
|
||||||
|
|
Loading…
Reference in New Issue