diff options
author | Dragos Ciprian Nedelcu <Dragos.Ciprian.Nedelcu@enea.com> | 2020-07-15 14:51:21 +0200 |
---|---|---|
committer | Dragos Ciprian Nedelcu <Dragos.Ciprian.Nedelcu@enea.com> | 2020-07-16 11:38:36 +0200 |
commit | 18a6ac2634699280676c3e85892062e873229ccf (patch) | |
tree | bfdf0656737ddff62aef2e361e5220ea46292019 /patches | |
parent | 12f0763e9384b52f8618fba5b7a70748d4a2da05 (diff) | |
download | enea-kernel-cache-18a6ac2634699280676c3e85892062e873229ccf.tar.gz |
Backport kernel fix from linux-yocto master.
Fix is "KEYS: reaching the keys quotas correctly" form 2020-03-15.
https://git.yoctoproject.org/cgit/cgit.cgi/linux-yocto/
commit/?id=2e356101e72ab1361821b3af024d64877d9a798d
Change-Id: I34a972978bc4c9b4fef496c22bdb468a099147ea
Signed-off-by: Dragos Ciprian Nedelcu <Dragos.Ciprian.Nedelcu@enea.com>
Diffstat (limited to 'patches')
-rw-r--r-- | patches/security/0002-KEYS-reaching-the-keys-quotas-correctly.patch | 69 | ||||
-rw-r--r-- | patches/security/keys.scc | 1 |
2 files changed, 70 insertions, 0 deletions
diff --git a/patches/security/0002-KEYS-reaching-the-keys-quotas-correctly.patch b/patches/security/0002-KEYS-reaching-the-keys-quotas-correctly.patch new file mode 100644 index 0000000..37b06c6 --- /dev/null +++ b/patches/security/0002-KEYS-reaching-the-keys-quotas-correctly.patch | |||
@@ -0,0 +1,69 @@ | |||
1 | From 2e356101e72ab1361821b3af024d64877d9a798d Mon Sep 17 00:00:00 2001 | ||
2 | From: Yang Xu <xuyang2018.jy@cn.fujitsu.com> | ||
3 | Date: Fri, 28 Feb 2020 12:41:51 +0800 | ||
4 | Subject: KEYS: reaching the keys quotas correctly | ||
5 | |||
6 | Currently, when we add a new user key, the calltrace as below: | ||
7 | |||
8 | add_key() | ||
9 | key_create_or_update() | ||
10 | key_alloc() | ||
11 | __key_instantiate_and_link | ||
12 | generic_key_instantiate | ||
13 | key_payload_reserve | ||
14 | ...... | ||
15 | |||
16 | Since commit a08bf91ce28e ("KEYS: allow reaching the keys quotas exactly"), | ||
17 | we can reach max bytes/keys in key_alloc, but we forget to remove this | ||
18 | limit when we reserver space for payload in key_payload_reserve. So we | ||
19 | can only reach max keys but not max bytes when having delta between plen | ||
20 | and type->def_datalen. Remove this limit when instantiating the key, so we | ||
21 | can keep consistent with key_alloc. | ||
22 | |||
23 | Also, fix the similar problem in keyctl_chown_key(). | ||
24 | |||
25 | Fixes: 0b77f5bfb45c ("keys: make the keyring quotas controllable through /proc/sys") | ||
26 | Fixes: a08bf91ce28e ("KEYS: allow reaching the keys quotas exactly") | ||
27 | Cc: stable@vger.kernel.org # 5.0.x | ||
28 | Cc: Eric Biggers <ebiggers@google.com> | ||
29 | Signed-off-by: Yang Xu <xuyang2018.jy@cn.fujitsu.com> | ||
30 | Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> | ||
31 | Reviewed-by: Eric Biggers <ebiggers@google.com> | ||
32 | Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> | ||
33 | --- | ||
34 | security/keys/key.c | 2 +- | ||
35 | security/keys/keyctl.c | 4 ++-- | ||
36 | 2 files changed, 3 insertions(+), 3 deletions(-) | ||
37 | |||
38 | diff --git a/security/keys/key.c b/security/keys/key.c | ||
39 | index 718bf7217420..e959b3c96b48 100644 | ||
40 | --- a/security/keys/key.c | ||
41 | +++ b/security/keys/key.c | ||
42 | @@ -382,7 +382,7 @@ int key_payload_reserve(struct key *key, size_t datalen) | ||
43 | spin_lock(&key->user->lock); | ||
44 | |||
45 | if (delta > 0 && | ||
46 | - (key->user->qnbytes + delta >= maxbytes || | ||
47 | + (key->user->qnbytes + delta > maxbytes || | ||
48 | key->user->qnbytes + delta < key->user->qnbytes)) { | ||
49 | ret = -EDQUOT; | ||
50 | } | ||
51 | diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c | ||
52 | index 9b898c969558..d1a3dea58dee 100644 | ||
53 | --- a/security/keys/keyctl.c | ||
54 | +++ b/security/keys/keyctl.c | ||
55 | @@ -937,8 +937,8 @@ long keyctl_chown_key(key_serial_t id, uid_t user, gid_t group) | ||
56 | key_quota_root_maxbytes : key_quota_maxbytes; | ||
57 | |||
58 | spin_lock(&newowner->lock); | ||
59 | - if (newowner->qnkeys + 1 >= maxkeys || | ||
60 | - newowner->qnbytes + key->quotalen >= maxbytes || | ||
61 | + if (newowner->qnkeys + 1 > maxkeys || | ||
62 | + newowner->qnbytes + key->quotalen > maxbytes || | ||
63 | newowner->qnbytes + key->quotalen < | ||
64 | newowner->qnbytes) | ||
65 | goto quota_overrun; | ||
66 | -- | ||
67 | cgit v1.2.2-1-g5e49 | ||
68 | |||
69 | |||
diff --git a/patches/security/keys.scc b/patches/security/keys.scc new file mode 100644 index 0000000..0c937e0 --- /dev/null +++ b/patches/security/keys.scc | |||
@@ -0,0 +1 @@ | |||
patch 0002-KEYS-reaching-the-keys-quotas-correctly.patch | |||