Nicholas Carlini reports that the keyring code calls assoc_array_find() in find_key_to_update() without holding the RCU read lock, while the assoc_array_gc() code really is designed around removing the node from the tree and then freeing it after an RCU grace-period.

The regular key handling doesn't see this because holding the keyring semaphore hides any lifetime issues, but the persistent key handling uses a different model.

Instead of extending the keyring locking, just do the simple RCU locking that the assoc_array was designed for.

Reported-by: Nicholas Carlini <npc@anthropic.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Jarkko Sakkinen <jarkko@kernel.org>
Cc: Paul Moore <paul@paul-moore.com>
Cc: James Morris <jmorris@namei.org>
Cc: Serge E. Hallyn <serge@hallyn.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
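The lifetime rule the commit message relies on (a node is unlinked from the tree first and only freed after an RCU grace period, so a lookup is safe only inside a read-side critical section) is shown below in an added userspace example written for this page; it is not code from the kernel or from the commit. `rcu_read_lock_model()`, `rcu_read_unlock_model()`, `kfree_rcu_model()`, `find_model()` and `gc_remove_model()` are stand-ins for the kernel's RCU primitives, for assoc_array_find() and for assoc_array_gc(); the list of three constructed nodes stands in for the assoc_array, and the grace period is approximated by a count of active readers, which is a simplification of how kernel RCU is implemented.

```c
#include <stdbool.h>
#include <stddef.h>

/* Stand-in for an assoc_array node. `freed` records that the memory was
 * returned; the real code would kfree() it and a later read would be a
 * use-after-free. */
struct node {
	int key;
	bool freed;
	struct node *next;
};

static struct node pool[3];       /* constructed sample: keys 1, 2, 3 */
static struct node *head;         /* the protected structure (a list here) */
static int readers_active;        /* readers inside rcu_read_lock() */
static struct node *deferred[3];  /* nodes waiting for a grace period */
static int n_deferred;

/* Model of rcu_read_lock(): begin a read-side critical section. */
static void rcu_read_lock_model(void) { readers_active++; }

/* Model of rcu_read_unlock(): the grace period ends when the last
 * pre-existing reader leaves; only then do deferred frees run. */
static void rcu_read_unlock_model(void)
{
	if (--readers_active == 0) {
		for (int i = 0; i < n_deferred; i++)
			deferred[i]->freed = true;
		n_deferred = 0;
	}
}

/* Model of kfree_rcu(): free at once if no reader can hold a reference,
 * otherwise after the current readers are gone. */
static void kfree_rcu_model(struct node *n)
{
	if (readers_active == 0)
		n->freed = true;
	else
		deferred[n_deferred++] = n;
}

/* Same contract as assoc_array_find(): the caller must be inside
 * rcu_read_lock(), because nothing else pins the returned node. */
static struct node *find_model(int key)
{
	for (struct node *n = head; n; n = n->next)
		if (n->key == key)
			return n;
	return NULL;
}

/* Model of assoc_array_gc(): unlink so new readers cannot reach the node,
 * then hand it to RCU so readers that already found it can finish. */
static void gc_remove_model(int key)
{
	struct node **pp = &head;
	while (*pp && (*pp)->key != key)
		pp = &(*pp)->next;
	if (!*pp)
		return;
	struct node *victim = *pp;
	*pp = victim->next;      /* like rcu_assign_pointer() on the link */
	kfree_rcu_model(victim);
}

static void reset_model(void)
{
	for (int i = 0; i < 3; i++) {
		pool[i].key = i + 1;
		pool[i].freed = false;
		pool[i].next = (i < 2) ? &pool[i + 1] : NULL;
	}
	head = &pool[0];
	readers_active = 0;
	n_deferred = 0;
}

/* The bug: a lookup outside rcu_read_lock(). A gc pass between the lookup
 * and the use of its result sees no readers, the grace period is over at
 * once, and the pointer we still hold is dangling. Returns true when the
 * node was freed under the caller's feet. */
static bool lookup_without_rcu_is_use_after_free(void)
{
	reset_model();
	struct node *n = find_model(2);
	gc_remove_model(2);
	return n != NULL && n->freed;
}

/* The fix: the same lookup inside rcu_read_lock()/rcu_read_unlock(). gc may
 * still unlink the node, but the free waits until we leave the critical
 * section. Returns true when the node stayed valid until unlock and was
 * freed only afterwards, by which time it is also unreachable. */
static bool lookup_under_rcu_is_safe(void)
{
	reset_model();
	rcu_read_lock_model();
	struct node *n = find_model(2);
	gc_remove_model(2);
	bool valid_while_locked = n != NULL && !n->freed;
	rcu_read_unlock_model();
	return valid_while_locked && n->freed && find_model(2) == NULL;
}
```

Both functions use the same lookup and the same gc pass; the only difference is whether the lookup runs inside the read-side critical section, which is exactly the change the commit makes for the persistent-key path. A keyring semaphore held around the lookup would also keep gc from unlinking the node, which is why the regular path did not show the problem.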
| Name |
|---|
| encrypted-keys |
| trusted-keys |
| Kconfig |
| Makefile |
| big_key.c |
| compat.c |
| compat_dh.c |
| dh.c |
| gc.c |
| internal.h |
| key.c |
| keyctl.c |
| keyctl_pkey.c |
| keyring.c |
| permission.c |
| persistent.c |
| proc.c |
| process_keys.c |
| request_key.c |
| request_key_auth.c |
| sysctl.c |
| user_defined.c |