| commit | cdd7149543f4b9df682be9dca0f4a4a4f2097519 | |
| author | David Howells <dhowells@redhat.com> | |
| Thu, 9 Apr 2009 16:14:05 +0000 (9 17:14 +0100) | ||
| committer | Greg Kroah-Hartman <gregkh@suse.de> | |
| Mon, 15 Jun 2009 16:40:17 +0000 (15 09:40 -0700) | ||
| tree | 1fa62b06c56b6325f18d7254e8d658e412f45ded | treesnapshot (tar.gz zip) |
| parent | fb6fda072d7ef219039cc0b0e8218e5f465ef02e | commitdiff |
keys: Handle there being no fallback destination keyring for request_key()
commit 34574dd10b6d0697b86703388d6d6af9cbf4bb48 upstream.
When request_key() is called, without there being any standard process
keyrings on which to fall back if a destination keyring is not specified, an
oops is liable to occur when construct_alloc_key() calls down_write() on
dest_keyring's semaphore.
Due to function inlining this may be seen as an oops in down_write() as called
from request_key_and_link().
This situation crops up during boot, where request_key() is called from within
the kernel (such as in CIFS mounts) where nobody is actually logged in, and so
PAM has not had a chance to create a session keyring and user keyrings to act
as the fallback.
To fix this, make construct_alloc_key() not attempt to cache a key if there is
no fallback key if no destination keyring is given specifically.
Signed-off-by: David Howells <dhowells@redhat.com>
Tested-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Chuck Ebbert <cebbert@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
commit 34574dd10b6d0697b86703388d6d6af9cbf4bb48 upstream.
When request_key() is called, without there being any standard process
keyrings on which to fall back if a destination keyring is not specified, an
oops is liable to occur when construct_alloc_key() calls down_write() on
dest_keyring's semaphore.
Due to function inlining this may be seen as an oops in down_write() as called
from request_key_and_link().
This situation crops up during boot, where request_key() is called from within
the kernel (such as in CIFS mounts) where nobody is actually logged in, and so
PAM has not had a chance to create a session keyring and user keyrings to act
as the fallback.
To fix this, make construct_alloc_key() not attempt to cache a key if there is
no fallback key if no destination keyring is given specifically.
Signed-off-by: David Howells <dhowells@redhat.com>
Tested-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Chuck Ebbert <cebbert@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
| security/keys/request_key.c | diffblobblamehistory |