From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:40818 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751133AbdKJP4y (ORCPT ); Fri, 10 Nov 2017 10:56:54 -0500 Received: from pps.filterd (m0098421.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id vAAFtRUi043126 for ; Fri, 10 Nov 2017 10:56:54 -0500 Received: from e06smtp11.uk.ibm.com (e06smtp11.uk.ibm.com [195.75.94.107]) by mx0a-001b2d01.pphosted.com with ESMTP id 2e5dpfmtus-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Fri, 10 Nov 2017 10:56:53 -0500 Received: from localhost by e06smtp11.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 10 Nov 2017 15:56:52 -0000 Subject: Re: FAILED: patch "[PATCH] KEYS: trusted: fix writing past end of buffer in" failed to apply to 4.9-stable tree From: Mimi Zohar To: Greg KH Cc: ebiggers@google.com, ben@decadent.org.uk, dhowells@redhat.com, james.l.morris@oracle.com, stable@vger.kernel.org Date: Fri, 10 Nov 2017 10:56:46 -0500 In-Reply-To: <20171110114934.GD11679@kroah.com> References: <150989148916639@kroah.com> <1509966379.3416.212.camel@linux.vnet.ibm.com> <20171110114934.GD11679@kroah.com> Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Message-Id: <1510329406.3359.57.camel@linux.vnet.ibm.com> Sender: stable-owner@vger.kernel.org List-ID: On Fri, 2017-11-10 at 12:49 +0100, Greg KH wrote: > On Mon, Nov 06, 2017 at 06:06:19AM -0500, Mimi Zohar wrote: > > Hi Greg, > > > > On Sun, 2017-11-05 at 15:18 +0100, gregkh@linuxfoundation.org wrote: > > > The patch below does not apply to the 4.9-stable tree. > > > If someone wants it applied there, or to any other stable or longterm > > > tree, then please email the backport, including the original git commit > > > id to . > > > > > > thanks, > > > > > > greg k-h > > > > This commit needs to prereq commit ee618b4619b7 "KEYS: trusted: > > sanitize all key material". > > Thanks, that fixes the issue for 4.4 and 4.9, but not for 3.18 :( Commit 146aa8b "KEYS: Merge the type-specific data with the payload data" introduced the change trusted_destroy(), but it is a rather big patch. @@ -1114,12 +1114,12 @@ static long trusted_read(const struct key *key, char __user  *buffer,   */  static void trusted_destroy(struct key *key)  { -       struct trusted_key_payload *p = key->payload.data; +       struct trusted_key_payload *p = key->payload.data[0];           if (!p)                 return;         memset(p->key, 0, p->key_len); -       kfree(key->payload.data); +       kfree(key->payload.data[0]);  }   Perhaps David has back ported this patch already. David?  Otherwise, Eric could you create a patch that applies directly to the stable tree linux-3.18.y? thanks, Mimi