git.baikalelectronics.ru Git - kernel.git/commit

author	Yang Xu <xuyang2018.jy@cn.fujitsu.com>
	Fri, 28 Feb 2020 04:41:51 +0000 (12:41 +0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 17 Apr 2020 08:50:11 +0000 (10:50 +0200)
commit	df2f2dd573242b8382a2d163ca4ce8d27f09ce6d
tree	3ad4cf588af57bb00d7b43e98b4248ad4cc55fdd	tree \| snapshot
parent	1683dcb832c215e294ca1165a78bd7555c5292ec	commit \| diff

KEYS: reaching the keys quotas correctly

commit f850a26c0a238838a4ae547e1bb6b722010dedb9 upstream.

Currently, when we add a new user key, the calltrace as below:

add_key()
  key_create_or_update()
    key_alloc()
    __key_instantiate_and_link
      generic_key_instantiate
        key_payload_reserve
          ......

Since commit f1cd10c55a40 ("KEYS: allow reaching the keys quotas exactly"),
we can reach max bytes/keys in key_alloc, but we forget to remove this
limit when we reserver space for payload in key_payload_reserve. So we
can only reach max keys but not max bytes when having delta between plen
and type->def_datalen. Remove this limit when instantiating the key, so we
can keep consistent with key_alloc.

Also, fix the similar problem in keyctl_chown_key().

Fixes: af9cfda53d9c ("keys: make the keyring quotas controllable through /proc/sys")
Fixes: f1cd10c55a40 ("KEYS: allow reaching the keys quotas exactly")
Cc: stable@vger.kernel.org # 5.0.x
Cc: Eric Biggers <ebiggers@google.com>
Signed-off-by: Yang Xu <xuyang2018.jy@cn.fujitsu.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

security/keys/key.c		diff \| blob \| history
security/keys/keyctl.c		diff \| blob \| history