aboutsummaryrefslogtreecommitdiffstats
path: root/main/linux-grsec/keys-fix-race-between-destruction-and-finding-keyring-by-name.patch
diff options
context:
space:
mode:
authorTimo Teräs <timo.teras@iki.fi>2016-02-12 14:36:44 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2016-02-12 15:16:54 +0000
commiteefe9c067296eb711601be8a940c32da6ed21098 (patch)
tree298fe89cb28292a64d343a42bec4ebe3b555c8ac /main/linux-grsec/keys-fix-race-between-destruction-and-finding-keyring-by-name.patch
parentad505c4dc1282e29266eabbbd26865cb3a7e989c (diff)
downloadaports-eefe9c067296eb711601be8a940c32da6ed21098.tar.bz2
aports-eefe9c067296eb711601be8a940c32da6ed21098.tar.xz
main/linux-grsec: upgrade to 4.1.17
Diffstat (limited to 'main/linux-grsec/keys-fix-race-between-destruction-and-finding-keyring-by-name.patch')
-rw-r--r--main/linux-grsec/keys-fix-race-between-destruction-and-finding-keyring-by-name.patch52
1 files changed, 0 insertions, 52 deletions
diff --git a/main/linux-grsec/keys-fix-race-between-destruction-and-finding-keyring-by-name.patch b/main/linux-grsec/keys-fix-race-between-destruction-and-finding-keyring-by-name.patch
deleted file mode 100644
index 792296068f..0000000000
--- a/main/linux-grsec/keys-fix-race-between-destruction-and-finding-keyring-by-name.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From 94c4554ba07adbdde396748ee7ae01e86cf2d8d7 Mon Sep 17 00:00:00 2001
-From: David Howells <dhowells@redhat.com>
-Date: Fri, 25 Sep 2015 16:30:08 +0100
-Subject: KEYS: Fix race between key destruction and finding a keyring by name
-
-There appears to be a race between:
-
- (1) key_gc_unused_keys() which frees key->security and then calls
- keyring_destroy() to unlink the name from the name list
-
- (2) find_keyring_by_name() which calls key_permission(), thus accessing
- key->security, on a key before checking to see whether the key usage is 0
- (ie. the key is dead and might be cleaned up).
-
-Fix this by calling ->destroy() before cleaning up the core key data -
-including key->security.
-
-Reported-by: Petr Matousek <pmatouse@redhat.com>
-Signed-off-by: David Howells <dhowells@redhat.com>
----
- security/keys/gc.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/security/keys/gc.c b/security/keys/gc.c
-index c795237..39eac1f 100644
---- a/security/keys/gc.c
-+++ b/security/keys/gc.c
-@@ -134,6 +134,10 @@ static noinline void key_gc_unused_keys(struct list_head *keys)
- kdebug("- %u", key->serial);
- key_check(key);
-
-+ /* Throw away the key data */
-+ if (key->type->destroy)
-+ key->type->destroy(key);
-+
- security_key_free(key);
-
- /* deal with the user's key tracking and quota */
-@@ -148,10 +152,6 @@ static noinline void key_gc_unused_keys(struct list_head *keys)
- if (test_bit(KEY_FLAG_INSTANTIATED, &key->flags))
- atomic_dec(&key->user->nikeys);
-
-- /* now throw away the key memory */
-- if (key->type->destroy)
-- key->type->destroy(key);
--
- key_user_put(key->user);
-
- kfree(key->description);
---
-cgit v0.11.2
-