github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-13 17:28:30 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
deecbb3655
linux/security/keys
History
Yang Xu 14b9635944 KEYS: reaching the keys quotas correctly 
commit 2e356101e7 upstream.

Currently, when we add a new user key, the calltrace as below:

add_key()
  key_create_or_update()
    key_alloc()
    __key_instantiate_and_link
      generic_key_instantiate
        key_payload_reserve
          ......

Since commit a08bf91ce2 ("KEYS: allow reaching the keys quotas exactly"),
we can reach max bytes/keys in key_alloc, but we forget to remove this
limit when we reserver space for payload in key_payload_reserve. So we
can only reach max keys but not max bytes when having delta between plen
and type->def_datalen. Remove this limit when instantiating the key, so we
can keep consistent with key_alloc.

Also, fix the similar problem in keyctl_chown_key().

Fixes: 0b77f5bfb4 ("keys: make the keyring quotas controllable through /proc/sys")
Fixes: a08bf91ce2 ("KEYS: allow reaching the keys quotas exactly")
Cc: stable@vger.kernel.org # 5.0.x
Cc: Eric Biggers <ebiggers@google.com>
Signed-off-by: Yang Xu <xuyang2018.jy@cn.fujitsu.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-04-17 10:48:46 +02:00
..
encrypted-keys License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
big_key.c big key: get rid of stack array allocation 2018-05-11 13:07:45 -07:00
compat_dh.c KEYS: DH: validate __spare field 2017-07-14 11:01:38 +10:00
compat.c KEYS: add SP800-56A KDF support for DH 2017-04-04 22:33:38 +01:00
dh.c Revert "uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name" 2018-09-25 13:28:58 +02:00
gc.c Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-11-25 08:37:16 -10:00
internal.h keys: Fix dependency loop between construction record and auth key 2019-03-23 20:09:48 +01:00
Kconfig security/keys: BIG_KEY requires CONFIG_CRYPTO 2017-10-18 09:12:40 +01:00
key.c KEYS: reaching the keys quotas correctly 2020-04-17 10:48:46 +02:00
keyctl.c KEYS: reaching the keys quotas correctly 2020-04-17 10:48:46 +02:00
keyring.c KEYS: always initialize keyring_index_key::desc_len 2019-02-27 10:09:00 +01:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
permission.c security: keys: Replace time_t/timespec with time64_t 2017-11-15 16:38:45 +00:00
persistent.c
proc.c KEYS: always initialize keyring_index_key::desc_len 2019-02-27 10:09:00 +01:00
process_keys.c keys: Fix dependency loop between construction record and auth key 2019-03-23 20:09:48 +01:00
request_key_auth.c keys: Fix missing null pointer check in request_key_auth_describe() 2019-09-21 07:17:13 +02:00
request_key.c keys: Fix dependency loop between construction record and auth key 2019-03-23 20:09:48 +01:00
sysctl.c
trusted.c treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
trusted.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
user_defined.c KEYS: Fix race between updating and finding a negative key 2017-10-18 09:12:40 +01:00