git.baikalelectronics.ru Git - kernel.git/commit

author	Eric Biggers <ebiggers@google.com>
	Thu, 2 Nov 2017 00:47:03 +0000 (00:47 +0000)
committer	James Morris <james.l.morris@oracle.com>
	Thu, 2 Nov 2017 09:58:05 +0000 (20:58 +1100)
commit	b3a68e05d2d360d6dad7fee99b7f7e4bca4ec123
tree	aaca6a6994664d8c704b49fd3cc7f995e75007a8	tree \| snapshot
parent	fcdba717a7b442b42f8ba1ff1026ba527d7220a8	commit \| diff

KEYS: return full count in keyring_read() if buffer is too small

Commit c2a13ebd0374 ("KEYS: fix writing past end of user-supplied buffer
in keyring_read()") made keyring_read() stop corrupting userspace memory
when the user-supplied buffer is too small. However it also made the
return value in that case be the short buffer size rather than the size
required, yet keyctl_read() is actually documented to return the size
required. Therefore, switch it over to the documented behavior.

Note that for now we continue to have it fill the short buffer, since it
did that before (pre-v3.13) and dump_key_tree_aux() in keyutils arguably
relies on it.

Fixes: c2a13ebd0374 ("KEYS: fix writing past end of user-supplied buffer in keyring_read()")
Reported-by: Ben Hutchings <ben@decadent.org.uk>
Cc: <stable@vger.kernel.org> # v3.13+
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>