hollalinux
/
linux-sg2042
mirror of https://github.com/sophgo/linux-riscv.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux-sg2042/security/keys
History
Eric Biggers 884bee0215 KEYS: fix key refcount leak in keyctl_assume_authority() 
In keyctl_assume_authority(), if keyctl_change_reqkey_auth() were to
fail, we would leak the reference to the 'authkey'.  Currently this can
only happen if prepare_creds() fails to allocate memory.  But it still
should be fixed, as it is a more severe bug waiting to happen.

This patch also moves the read of 'authkey->serial' to before the
reference to the authkey is dropped.  Doing the read after dropping the
reference is very fragile because it assumes we still hold another
reference to the key.  (Which we do, in current->cred->request_key_auth,
but there's no reason not to write it in the "obviously correct" way.)

Fixes: d84f4f992c ("CRED: Inaugurate COW credentials")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
 		2017-09-25 15:19:57 +01:00
..
encrypted-keys There has been a fair amount of activity in the docs tree this time 2017-07-03 21:13:25 -07:00
Kconfig KEYS: Convert KEYCTL_DH_COMPUTE to use the crypto KPP API 2017-06-09 13:29:50 +10:00
Makefile KEYS: add SP800-56A KDF support for DH 2017-04-04 22:33:38 +01:00
big_key.c fs: fix kernel_write prototype 2017-09-04 19:05:15 -04:00
compat.c KEYS: add SP800-56A KDF support for DH 2017-04-04 22:33:38 +01:00
compat_dh.c KEYS: DH: validate __spare field 2017-07-14 11:01:38 +10:00
dh.c KEYS: DH: validate __spare field 2017-07-14 11:01:38 +10:00
gc.c KEYS: sanitize key structs before freeing 2017-06-09 13:29:48 +10:00
internal.h Now that IPC and other changes have landed, enable manual markings for 2017-07-19 08:55:18 -07:00
key.c KEYS: fix refcount_inc() on zero 2017-06-09 13:29:50 +10:00
keyctl.c KEYS: fix key refcount leak in keyctl_assume_authority() 2017-09-25 15:19:57 +01:00
keyring.c security: use READ_ONCE instead of deprecated ACCESS_ONCE 2017-06-09 13:29:45 +10:00
permission.c KEYS: Move the flags representing required permission to linux/key.h 2014-03-14 17:44:49 +00:00
persistent.c sched/headers: Prepare to remove <linux/cred.h> inclusion from <linux/sched.h> 2017-03-02 08:42:31 +01:00
proc.c security, keys: convert key_user.usage from atomic_t to refcount_t 2017-04-03 10:49:06 +10:00
process_keys.c KEYS: put keyring if install_session_keyring_to_cred() fails 2017-06-09 13:29:46 +10:00
request_key.c doc: ReSTify keys-request-key.txt 2017-05-18 10:33:51 -06:00
request_key_auth.c KEYS: don't revoke uninstantiated key in request_key_auth_new() 2017-09-25 15:19:56 +01:00
sysctl.c security: Convert use of typedef ctl_table to struct ctl_table 2014-04-15 13:39:58 +10:00
trusted.c There has been a fair amount of activity in the docs tree this time 2017-07-03 21:13:25 -07:00
trusted.h keys, trusted: move struct trusted_key_options to trusted-type.h 2015-10-19 01:01:21 +02:00
user_defined.c KEYS: user_defined: sanitize key payloads 2017-06-09 13:29:48 +10:00