aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2013-12-12 13:15:24 -0500
committerLinus Torvalds <torvalds@linux-foundation.org>2013-12-12 13:15:24 -0500
commit5dec682c7f33a765a5eb764cc18b1d02b17cd762 (patch)
treefe75d0d632ac4343dcff1335dbccc58dd6bbcdf0 /security
parent48a2f0b2728c88b18829e191eafdde60290aa64f (diff)
parent62226983da070f7e51068ec2e3a4da34672964c7 (diff)
Merge tag 'keys-devel-20131210' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
Pull misc keyrings fixes from David Howells: "These break down into five sets: - A patch to error handling in the big_key type for huge payloads. If the payload is larger than the "low limit" and the backing store allocation fails, then big_key_instantiate() doesn't clear the payload pointers in the key, assuming them to have been previously cleared - but only one of them is. Unfortunately, the garbage collector still calls big_key_destroy() when sees one of the pointers with a weird value in it (and not NULL) which it then tries to clean up. - Three patches to fix the keyring type: * A patch to fix the hash function to correctly divide keyrings off from keys in the topology of the tree inside the associative array. This is only a problem if searching through nested keyrings - and only if the hash function incorrectly puts the a keyring outside of the 0 branch of the root node. * A patch to fix keyrings' use of the associative array. The __key_link_begin() function initially passes a NULL key pointer to assoc_array_insert() on the basis that it's holding a place in the tree whilst it does more allocation and stuff. This is only a problem when a node contains 16 keys that match at that level and we want to add an also matching 17th. This should easily be manufactured with a keyring full of keyrings (without chucking any other sort of key into the mix) - except for (a) above which makes it on average adding the 65th keyring. * A patch to fix searching down through nested keyrings, where any keyring in the set has more than 16 keyrings and none of the first keyrings we look through has a match (before the tree iteration needs to step to a more distal node). Test in keyutils test suite: http://git.kernel.org/cgit/linux/kernel/git/dhowells/keyutils.git/commit/?id=8b4ae963ed92523aea18dfbb8cab3f4979e13bd1 - A patch to fix the big_key type's use of a shmem file as its backing store causing audit messages and LSM check failures. This is done by setting S_PRIVATE on the file to avoid LSM checks on the file (access to the shmem file goes through the keyctl() interface and so is gated by the LSM that way). This isn't normally a problem if a key is used by the context that generated it - and it's currently only used by libkrb5. Test in keyutils test suite: http://git.kernel.org/cgit/linux/kernel/git/dhowells/keyutils.git/commit/?id=d9a53cbab42c293962f2f78f7190253fc73bd32e - A patch to add a generated file to .gitignore. - A patch to fix the alignment of the system certificate data such that it it works on s390. As I understand it, on the S390 arch, symbols must be 2-byte aligned because loading the address discards the least-significant bit" * tag 'keys-devel-20131210' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs: KEYS: correct alignment of system_certificate_list content in assembly file Ignore generated file kernel/x509_certificate_list security: shmem: implement kernel private shmem inodes KEYS: Fix searching of nested keyrings KEYS: Fix multiple key add into associative array KEYS: Fix the keyring hash function KEYS: Pre-clear struct key on allocation
Diffstat (limited to 'security')
-rw-r--r--security/keys/big_key.c2
-rw-r--r--security/keys/key.c8
-rw-r--r--security/keys/keyring.c17
3 files changed, 10 insertions, 17 deletions
diff --git a/security/keys/big_key.c b/security/keys/big_key.c
index 7f44c3207a9b..8137b27d641d 100644
--- a/security/keys/big_key.c
+++ b/security/keys/big_key.c
@@ -70,7 +70,7 @@ int big_key_instantiate(struct key *key, struct key_preparsed_payload *prep)
70 * 70 *
71 * TODO: Encrypt the stored data with a temporary key. 71 * TODO: Encrypt the stored data with a temporary key.
72 */ 72 */
73 file = shmem_file_setup("", datalen, 0); 73 file = shmem_kernel_file_setup("", datalen, 0);
74 if (IS_ERR(file)) { 74 if (IS_ERR(file)) {
75 ret = PTR_ERR(file); 75 ret = PTR_ERR(file);
76 goto err_quota; 76 goto err_quota;
diff --git a/security/keys/key.c b/security/keys/key.c
index 55d110f0aced..6e21c11e48bc 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -272,7 +272,7 @@ struct key *key_alloc(struct key_type *type, const char *desc,
272 } 272 }
273 273
274 /* allocate and initialise the key and its description */ 274 /* allocate and initialise the key and its description */
275 key = kmem_cache_alloc(key_jar, GFP_KERNEL); 275 key = kmem_cache_zalloc(key_jar, GFP_KERNEL);
276 if (!key) 276 if (!key)
277 goto no_memory_2; 277 goto no_memory_2;
278 278
@@ -293,18 +293,12 @@ struct key *key_alloc(struct key_type *type, const char *desc,
293 key->uid = uid; 293 key->uid = uid;
294 key->gid = gid; 294 key->gid = gid;
295 key->perm = perm; 295 key->perm = perm;
296 key->flags = 0;
297 key->expiry = 0;
298 key->payload.data = NULL;
299 key->security = NULL;
300 296
301 if (!(flags & KEY_ALLOC_NOT_IN_QUOTA)) 297 if (!(flags & KEY_ALLOC_NOT_IN_QUOTA))
302 key->flags |= 1 << KEY_FLAG_IN_QUOTA; 298 key->flags |= 1 << KEY_FLAG_IN_QUOTA;
303 if (flags & KEY_ALLOC_TRUSTED) 299 if (flags & KEY_ALLOC_TRUSTED)
304 key->flags |= 1 << KEY_FLAG_TRUSTED; 300 key->flags |= 1 << KEY_FLAG_TRUSTED;
305 301
306 memset(&key->type_data, 0, sizeof(key->type_data));
307
308#ifdef KEY_DEBUGGING 302#ifdef KEY_DEBUGGING
309 key->magic = KEY_DEBUG_MAGIC; 303 key->magic = KEY_DEBUG_MAGIC;
310#endif 304#endif
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index 69f0cb7bab7e..d46cbc5e335e 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -160,7 +160,7 @@ static u64 mult_64x32_and_fold(u64 x, u32 y)
160static unsigned long hash_key_type_and_desc(const struct keyring_index_key *index_key) 160static unsigned long hash_key_type_and_desc(const struct keyring_index_key *index_key)
161{ 161{
162 const unsigned level_shift = ASSOC_ARRAY_LEVEL_STEP; 162 const unsigned level_shift = ASSOC_ARRAY_LEVEL_STEP;
163 const unsigned long level_mask = ASSOC_ARRAY_LEVEL_STEP_MASK; 163 const unsigned long fan_mask = ASSOC_ARRAY_FAN_MASK;
164 const char *description = index_key->description; 164 const char *description = index_key->description;
165 unsigned long hash, type; 165 unsigned long hash, type;
166 u32 piece; 166 u32 piece;
@@ -194,10 +194,10 @@ static unsigned long hash_key_type_and_desc(const struct keyring_index_key *inde
194 * ordinary keys by making sure the lowest level segment in the hash is 194 * ordinary keys by making sure the lowest level segment in the hash is
195 * zero for keyrings and non-zero otherwise. 195 * zero for keyrings and non-zero otherwise.
196 */ 196 */
197 if (index_key->type != &key_type_keyring && (hash & level_mask) == 0) 197 if (index_key->type != &key_type_keyring && (hash & fan_mask) == 0)
198 return hash | (hash >> (ASSOC_ARRAY_KEY_CHUNK_SIZE - level_shift)) | 1; 198 return hash | (hash >> (ASSOC_ARRAY_KEY_CHUNK_SIZE - level_shift)) | 1;
199 if (index_key->type == &key_type_keyring && (hash & level_mask) != 0) 199 if (index_key->type == &key_type_keyring && (hash & fan_mask) != 0)
200 return (hash + (hash << level_shift)) & ~level_mask; 200 return (hash + (hash << level_shift)) & ~fan_mask;
201 return hash; 201 return hash;
202} 202}
203 203
@@ -279,12 +279,11 @@ static bool keyring_compare_object(const void *object, const void *data)
279 * Compare the index keys of a pair of objects and determine the bit position 279 * Compare the index keys of a pair of objects and determine the bit position
280 * at which they differ - if they differ. 280 * at which they differ - if they differ.
281 */ 281 */
282static int keyring_diff_objects(const void *_a, const void *_b) 282static int keyring_diff_objects(const void *object, const void *data)
283{ 283{
284 const struct key *key_a = keyring_ptr_to_key(_a); 284 const struct key *key_a = keyring_ptr_to_key(object);
285 const struct key *key_b = keyring_ptr_to_key(_b);
286 const struct keyring_index_key *a = &key_a->index_key; 285 const struct keyring_index_key *a = &key_a->index_key;
287 const struct keyring_index_key *b = &key_b->index_key; 286 const struct keyring_index_key *b = data;
288 unsigned long seg_a, seg_b; 287 unsigned long seg_a, seg_b;
289 int level, i; 288 int level, i;
290 289
@@ -691,8 +690,8 @@ descend_to_node:
691 smp_read_barrier_depends(); 690 smp_read_barrier_depends();
692 ptr = ACCESS_ONCE(shortcut->next_node); 691 ptr = ACCESS_ONCE(shortcut->next_node);
693 BUG_ON(!assoc_array_ptr_is_node(ptr)); 692 BUG_ON(!assoc_array_ptr_is_node(ptr));
694 node = assoc_array_ptr_to_node(ptr);
695 } 693 }
694 node = assoc_array_ptr_to_node(ptr);
696 695
697begin_node: 696begin_node:
698 kdebug("begin_node"); 697 kdebug("begin_node");