diff options
Diffstat (limited to 'security/keys')
| -rw-r--r-- | security/keys/internal.h | 2 | ||||
| -rw-r--r-- | security/keys/keyctl.c | 26 | ||||
| -rw-r--r-- | security/keys/process_keys.c | 5 |
3 files changed, 13 insertions, 20 deletions
diff --git a/security/keys/internal.h b/security/keys/internal.h index c990b8c8ef1d..22ff05269e3d 100644 --- a/security/keys/internal.h +++ b/security/keys/internal.h | |||
| @@ -149,7 +149,7 @@ extern key_ref_t lookup_user_key(key_serial_t id, unsigned long flags, | |||
| 149 | #define KEY_LOOKUP_FOR_UNLINK 0x04 | 149 | #define KEY_LOOKUP_FOR_UNLINK 0x04 |
| 150 | 150 | ||
| 151 | extern long join_session_keyring(const char *name); | 151 | extern long join_session_keyring(const char *name); |
| 152 | extern void key_change_session_keyring(struct task_work *twork); | 152 | extern void key_change_session_keyring(struct callback_head *twork); |
| 153 | 153 | ||
| 154 | extern struct work_struct key_gc_work; | 154 | extern struct work_struct key_gc_work; |
| 155 | extern unsigned key_gc_delay; | 155 | extern unsigned key_gc_delay; |
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index 3bdc419b272f..3364fbf46807 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c | |||
| @@ -1456,7 +1456,7 @@ long keyctl_session_to_parent(void) | |||
| 1456 | { | 1456 | { |
| 1457 | struct task_struct *me, *parent; | 1457 | struct task_struct *me, *parent; |
| 1458 | const struct cred *mycred, *pcred; | 1458 | const struct cred *mycred, *pcred; |
| 1459 | struct task_work *newwork, *oldwork; | 1459 | struct callback_head *newwork, *oldwork; |
| 1460 | key_ref_t keyring_r; | 1460 | key_ref_t keyring_r; |
| 1461 | struct cred *cred; | 1461 | struct cred *cred; |
| 1462 | int ret; | 1462 | int ret; |
| @@ -1466,19 +1466,17 @@ long keyctl_session_to_parent(void) | |||
| 1466 | return PTR_ERR(keyring_r); | 1466 | return PTR_ERR(keyring_r); |
| 1467 | 1467 | ||
| 1468 | ret = -ENOMEM; | 1468 | ret = -ENOMEM; |
| 1469 | newwork = kmalloc(sizeof(struct task_work), GFP_KERNEL); | ||
| 1470 | if (!newwork) | ||
| 1471 | goto error_keyring; | ||
| 1472 | 1469 | ||
| 1473 | /* our parent is going to need a new cred struct, a new tgcred struct | 1470 | /* our parent is going to need a new cred struct, a new tgcred struct |
| 1474 | * and new security data, so we allocate them here to prevent ENOMEM in | 1471 | * and new security data, so we allocate them here to prevent ENOMEM in |
| 1475 | * our parent */ | 1472 | * our parent */ |
| 1476 | cred = cred_alloc_blank(); | 1473 | cred = cred_alloc_blank(); |
| 1477 | if (!cred) | 1474 | if (!cred) |
| 1478 | goto error_newwork; | 1475 | goto error_keyring; |
| 1476 | newwork = &cred->rcu; | ||
| 1479 | 1477 | ||
| 1480 | cred->tgcred->session_keyring = key_ref_to_ptr(keyring_r); | 1478 | cred->tgcred->session_keyring = key_ref_to_ptr(keyring_r); |
| 1481 | init_task_work(newwork, key_change_session_keyring, cred); | 1479 | init_task_work(newwork, key_change_session_keyring); |
| 1482 | 1480 | ||
| 1483 | me = current; | 1481 | me = current; |
| 1484 | rcu_read_lock(); | 1482 | rcu_read_lock(); |
| @@ -1488,6 +1486,7 @@ long keyctl_session_to_parent(void) | |||
| 1488 | oldwork = NULL; | 1486 | oldwork = NULL; |
| 1489 | parent = me->real_parent; | 1487 | parent = me->real_parent; |
| 1490 | 1488 | ||
| 1489 | task_lock(parent); | ||
| 1491 | /* the parent mustn't be init and mustn't be a kernel thread */ | 1490 | /* the parent mustn't be init and mustn't be a kernel thread */ |
| 1492 | if (parent->pid <= 1 || !parent->mm) | 1491 | if (parent->pid <= 1 || !parent->mm) |
| 1493 | goto unlock; | 1492 | goto unlock; |
| @@ -1531,20 +1530,15 @@ long keyctl_session_to_parent(void) | |||
| 1531 | if (!ret) | 1530 | if (!ret) |
| 1532 | newwork = NULL; | 1531 | newwork = NULL; |
| 1533 | unlock: | 1532 | unlock: |
| 1533 | task_unlock(parent); | ||
| 1534 | write_unlock_irq(&tasklist_lock); | 1534 | write_unlock_irq(&tasklist_lock); |
| 1535 | rcu_read_unlock(); | 1535 | rcu_read_unlock(); |
| 1536 | if (oldwork) { | 1536 | if (oldwork) |
| 1537 | put_cred(oldwork->data); | 1537 | put_cred(container_of(oldwork, struct cred, rcu)); |
| 1538 | kfree(oldwork); | 1538 | if (newwork) |
| 1539 | } | 1539 | put_cred(cred); |
| 1540 | if (newwork) { | ||
| 1541 | put_cred(newwork->data); | ||
| 1542 | kfree(newwork); | ||
| 1543 | } | ||
| 1544 | return ret; | 1540 | return ret; |
| 1545 | 1541 | ||
| 1546 | error_newwork: | ||
| 1547 | kfree(newwork); | ||
| 1548 | error_keyring: | 1542 | error_keyring: |
| 1549 | key_ref_put(keyring_r); | 1543 | key_ref_put(keyring_r); |
| 1550 | return ret; | 1544 | return ret; |
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c index 4ad54eea1ea4..54339cfd6734 100644 --- a/security/keys/process_keys.c +++ b/security/keys/process_keys.c | |||
| @@ -834,12 +834,11 @@ error: | |||
| 834 | * Replace a process's session keyring on behalf of one of its children when | 834 | * Replace a process's session keyring on behalf of one of its children when |
| 835 | * the target process is about to resume userspace execution. | 835 | * the target process is about to resume userspace execution. |
| 836 | */ | 836 | */ |
| 837 | void key_change_session_keyring(struct task_work *twork) | 837 | void key_change_session_keyring(struct callback_head *twork) |
| 838 | { | 838 | { |
| 839 | const struct cred *old = current_cred(); | 839 | const struct cred *old = current_cred(); |
| 840 | struct cred *new = twork->data; | 840 | struct cred *new = container_of(twork, struct cred, rcu); |
| 841 | 841 | ||
| 842 | kfree(twork); | ||
| 843 | if (unlikely(current->flags & PF_EXITING)) { | 842 | if (unlikely(current->flags & PF_EXITING)) { |
| 844 | put_cred(new); | 843 | put_cred(new); |
| 845 | return; | 844 | return; |