diff options
| author | David Howells <dhowells@redhat.com> | 2010-04-20 06:25:49 -0400 |
|---|---|---|
| committer | Paul E. McKenney <paulmck@linux.vnet.ibm.com> | 2010-05-04 12:24:58 -0400 |
| commit | bfeb0360de7713de8240cafd7ecf6058b6dbea0b (patch) | |
| tree | 65ec28e5c97f78dd70c49ba278bda215ef4da37b | |
| parent | 8b46f880841aac821af8efa6581bb0e46b8b9845 (diff) | |
KEYS: Fix an RCU warning
Fix the following RCU warning:
===================================================
[ INFO: suspicious rcu_dereference_check() usage. ]
---------------------------------------------------
security/keys/request_key.c:116 invoked rcu_dereference_check() without protection!
other info that might help us debug this:
rcu_scheduler_active = 1, debug_locks = 0
1 lock held by keyctl/5372:
#0: (key_types_sem){.+.+.+}, at: [<ffffffff811a4e3d>] key_type_lookup+0x1c/0x70
stack backtrace:
Pid: 5372, comm: keyctl Not tainted 2.6.34-rc3-cachefs #150
Call Trace:
[<ffffffff810515f8>] lockdep_rcu_dereference+0xaa/0xb2
[<ffffffff811a9220>] call_sbin_request_key+0x156/0x2b6
[<ffffffff811a4c66>] ? __key_instantiate_and_link+0xb1/0xdc
[<ffffffff811a4cd3>] ? key_instantiate_and_link+0x42/0x5f
[<ffffffff811a96b8>] ? request_key_auth_new+0x17b/0x1f3
[<ffffffff811a8e00>] ? request_key_and_link+0x271/0x400
[<ffffffff810aba6f>] ? kmem_cache_alloc+0xe1/0x118
[<ffffffff811a8f1a>] request_key_and_link+0x38b/0x400
[<ffffffff811a7b72>] sys_request_key+0xf7/0x14a
[<ffffffff81052227>] ? trace_hardirqs_on_caller+0x10c/0x130
[<ffffffff81393f5c>] ? trace_hardirqs_on_thunk+0x3a/0x3f
[<ffffffff81001eeb>] system_call_fastpath+0x16/0x1b
This was caused by doing:
[root@andromeda ~]# keyctl newring fred @s
539196288
[root@andromeda ~]# keyctl request2 user a a 539196288
request_key: Required key not available
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
| -rw-r--r-- | security/keys/request_key.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/security/keys/request_key.c b/security/keys/request_key.c index 03fe63ed55bd..ea97c3120d66 100644 --- a/security/keys/request_key.c +++ b/security/keys/request_key.c | |||
| @@ -68,7 +68,8 @@ static int call_sbin_request_key(struct key_construction *cons, | |||
| 68 | { | 68 | { |
| 69 | const struct cred *cred = current_cred(); | 69 | const struct cred *cred = current_cred(); |
| 70 | key_serial_t prkey, sskey; | 70 | key_serial_t prkey, sskey; |
| 71 | struct key *key = cons->key, *authkey = cons->authkey, *keyring; | 71 | struct key *key = cons->key, *authkey = cons->authkey, *keyring, |
| 72 | *session; | ||
| 72 | char *argv[9], *envp[3], uid_str[12], gid_str[12]; | 73 | char *argv[9], *envp[3], uid_str[12], gid_str[12]; |
| 73 | char key_str[12], keyring_str[3][12]; | 74 | char key_str[12], keyring_str[3][12]; |
| 74 | char desc[20]; | 75 | char desc[20]; |
| @@ -112,10 +113,12 @@ static int call_sbin_request_key(struct key_construction *cons, | |||
| 112 | if (cred->tgcred->process_keyring) | 113 | if (cred->tgcred->process_keyring) |
| 113 | prkey = cred->tgcred->process_keyring->serial; | 114 | prkey = cred->tgcred->process_keyring->serial; |
| 114 | 115 | ||
| 115 | if (cred->tgcred->session_keyring) | 116 | rcu_read_lock(); |
| 116 | sskey = rcu_dereference(cred->tgcred->session_keyring)->serial; | 117 | session = rcu_dereference(cred->tgcred->session_keyring); |
| 117 | else | 118 | if (!session) |
| 118 | sskey = cred->user->session_keyring->serial; | 119 | session = cred->user->session_keyring; |
| 120 | sskey = session->serial; | ||
| 121 | rcu_read_unlock(); | ||
| 119 | 122 | ||
| 120 | sprintf(keyring_str[2], "%d", sskey); | 123 | sprintf(keyring_str[2], "%d", sskey); |
| 121 | 124 | ||