git.baikalelectronics.ru Git - kernel.git/commit

author	David Howells <dhowells@redhat.com>
	Thu, 14 Feb 2019 16:20:25 +0000 (16:20 +0000)
committer	James Morris <james.morris@microsoft.com>
	Fri, 15 Feb 2019 22:12:09 +0000 (14:12 -0800)
commit	bde61bc0407c6c19e59857cadcbdd59344aa00a1
tree	1a90686fb8e972e8d202500ab3d53196ec29cd16	tree \| snapshot
parent	bfbd0c42f969cb06fc1326bcd45edf96443a06c2	commit \| diff

keys: Fix dependency loop between construction record and auth key

In the request_key() upcall mechanism there's a dependency loop by which if
a key type driver overrides the ->request_key hook and the userspace side
manages to lose the authorisation key, the auth key and the internal
construction record (struct key_construction) can keep each other pinned.

Fix this by the following changes:

(1) Killing off the construction record and using the auth key instead.

(2) Including the operation name in the auth key payload and making the
payload available outside of security/keys/.

(3) The ->request_key hook is given the authkey instead of the cons
record and operation name.

Changes (2) and (3) allow the auth key to naturally be cleaned up if the
keyring it is in is destroyed or cleared or the auth key is unlinked.

Fixes: 7ee02a316600 ("keys: Fix dependency loop between construction record and auth key")
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.morris@microsoft.com>

fs/nfs/nfs4idmap.c		diff \| blob \| history
include/keys/request_key_auth-type.h	[new file with mode: 0644]	blob
include/linux/key-type.h		diff \| blob \| history
security/keys/internal.h		diff \| blob \| history
security/keys/keyctl.c		diff \| blob \| history
security/keys/process_keys.c		diff \| blob \| history
security/keys/request_key.c		diff \| blob \| history
security/keys/request_key_auth.c		diff \| blob \| history