linux-sg2042/security/keys
David Howells 94c4554ba0 KEYS: Fix race between key destruction and finding a keyring by name
There appears to be a race between:

 (1) key_gc_unused_keys() which frees key->security and then calls
     keyring_destroy() to unlink the name from the name list

 (2) find_keyring_by_name() which calls key_permission(), thus accessing
     key->security, on a key before checking to see whether the key usage is 0
     (ie. the key is dead and might be cleaned up).

Fix this by calling ->destroy() before cleaning up the core key data -
including key->security.

Reported-by: Petr Matousek <pmatouse@redhat.com>
Signed-off-by: David Howells <dhowells@redhat.com>
2015-09-25 16:30:08 +01:00
..
encrypted-keys KEYS: Fix stale key registration at error path 2014-12-06 21:50:36 -05:00
Kconfig KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y 2015-01-22 22:34:32 +00:00
Makefile KEYS: Add per-user_namespace registers for persistent per-UID kerberos caches 2013-09-24 10:35:19 +01:00
big_key.c KEYS: Remove key_type::match in favour of overriding default by match_preparse 2014-09-16 17:36:06 +01:00
compat.c switch keyctl_instantiate_key_common() to iov_iter 2015-04-11 22:27:12 -04:00
gc.c KEYS: Fix race between key destruction and finding a keyring by name 2015-09-25 16:30:08 +01:00
internal.h switch keyctl_instantiate_key_common() to iov_iter 2015-04-11 22:27:12 -04:00
key.c KEYS: remove a bogus NULL check 2014-12-16 18:05:20 +11:00
keyctl.c switch keyctl_instantiate_key_common() to iov_iter 2015-04-11 22:27:12 -04:00
keyring.c KEYS: ensure we free the assoc array edit if edit is valid 2015-07-28 13:08:23 +10:00
permission.c KEYS: Move the flags representing required permission to linux/key.h 2014-03-14 17:44:49 +00:00
persistent.c KEYS: Move the flags representing required permission to linux/key.h 2014-03-14 17:44:49 +00:00
proc.c KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y 2015-01-22 22:34:32 +00:00
process_keys.c capabilities: ambient capabilities 2015-09-04 16:54:41 -07:00
request_key.c Don't leak a key reference if request_key() tries to use a revoked keyring 2015-02-16 13:45:16 +11:00
request_key_auth.c KEYS: Simplify KEYRING_SEARCH_{NO,DO}_STATE_CHECK flags 2014-12-01 22:52:50 +00:00
sysctl.c security: Convert use of typedef ctl_table to struct ctl_table 2014-04-15 13:39:58 +10:00
trusted.c KEYS: Remove key_type::match in favour of overriding default by match_preparse 2014-09-16 17:36:06 +01:00
trusted.h trusted-keys: rename trusted_defined files to trusted 2011-01-24 10:14:22 +11:00
user_defined.c KEYS: Remove key_type::match in favour of overriding default by match_preparse 2014-09-16 17:36:06 +01:00