From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Vasily Averin <vvs@virtuozzo.com>,
David Howells <dhowells@redhat.com>,
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: [PATCH 5.5 46/65] keys: Fix proc_keys_next to increase position index
Date: Mon, 20 Apr 2020 14:38:50 +0200 [thread overview]
Message-ID: <20200420121516.763243061@linuxfoundation.org> (raw)
In-Reply-To: <20200420121505.909671922@linuxfoundation.org>
From: Vasily Averin <vvs@virtuozzo.com>
commit 86d32f9a7c54ad74f4514d7fef7c847883207291 upstream.
If seq_file .next function does not change position index,
read after some lseek can generate unexpected output:
$ dd if=/proc/keys bs=1 # full usual output
0f6bfdf5 I--Q--- 2 perm 3f010000 1000 1000 user 4af2f79ab8848d0a: 740
1fb91b32 I--Q--- 3 perm 1f3f0000 1000 65534 keyring _uid.1000: 2
27589480 I--Q--- 1 perm 0b0b0000 0 0 user invocation_id: 16
2f33ab67 I--Q--- 152 perm 3f030000 0 0 keyring _ses: 2
33f1d8fa I--Q--- 4 perm 3f030000 1000 1000 keyring _ses: 1
3d427fda I--Q--- 2 perm 3f010000 1000 1000 user 69ec44aec7678e5a: 740
3ead4096 I--Q--- 1 perm 1f3f0000 1000 65534 keyring _uid_ses.1000: 1
521+0 records in
521+0 records out
521 bytes copied, 0,00123769 s, 421 kB/s
But a read after lseek in middle of last line results in the partial
last line and then a repeat of the final line:
$ dd if=/proc/keys bs=500 skip=1
dd: /proc/keys: cannot skip to specified offset
g _uid_ses.1000: 1
3ead4096 I--Q--- 1 perm 1f3f0000 1000 65534 keyring _uid_ses.1000: 1
0+1 records in
0+1 records out
97 bytes copied, 0,000135035 s, 718 kB/s
and a read after lseek beyond end of file results in the last line being
shown:
$ dd if=/proc/keys bs=1000 skip=1 # read after lseek beyond end of file
dd: /proc/keys: cannot skip to specified offset
3ead4096 I--Q--- 1 perm 1f3f0000 1000 65534 keyring _uid_ses.1000: 1
0+1 records in
0+1 records out
76 bytes copied, 0,000119981 s, 633 kB/s
See https://bugzilla.kernel.org/show_bug.cgi?id=206283
Fixes: 1f4aace60b0e ("fs/seq_file.c: simplify seq_file iteration code ...")
Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: stable@vger.kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
security/keys/proc.c | 2 ++
1 file changed, 2 insertions(+)
--- a/security/keys/proc.c
+++ b/security/keys/proc.c
@@ -139,6 +139,8 @@ static void *proc_keys_next(struct seq_f
n = key_serial_next(p, v);
if (n)
*_pos = key_node_serial(n);
+ else
+ (*_pos)++;
return n;
}
next prev parent reply other threads:[~2020-04-20 12:42 UTC|newest]
Thread overview: 71+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-20 12:38 [PATCH 5.5 00/65] 5.5.19-rc1 review Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 01/65] amd-xgbe: Use __napi_schedule() in BH context Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 02/65] hsr: check protocol version in hsr_newlink() Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 03/65] l2tp: Allow management of tunnels and session in user namespace Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 04/65] net: dsa: mt7530: fix tagged frames pass-through in VLAN-unaware mode Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 05/65] net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 06/65] net: ipv6: do not consider routes via gateways for anycast address check Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 07/65] net: phy: micrel: use genphy_read_status for KSZ9131 Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 08/65] net: qrtr: send msgs from local of same id as broadcast Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 09/65] net: revert default NAPI poll timeout to 2 jiffies Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 10/65] net: tun: record RX queue in skb before do_xdp_generic() Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 11/65] net: dsa: mt7530: move mt7623 settings out off the mt7530 Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 12/65] net: ethernet: mediatek: " Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 13/65] net/mlx5: Fix frequent ioread PCI access during recovery Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 14/65] net/mlx5e: Add missing release firmware call Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 15/65] net/mlx5e: Fix nest_level for vlan pop action Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 16/65] net/mlx5e: Fix pfnum in devlink port attribute Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 17/65] net: icmp6: do not select saddr from iif when route has prefsrc set Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 18/65] net: mscc: ocelot: fix untagged packet drops when enslaving to vlan aware bridge Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 19/65] net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 20/65] Revert "ACPI: EC: Do not clear boot_ec_is_ecdt in acpi_ec_add()" Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 21/65] ovl: fix value of i_ino for lower hardlink corner case Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 22/65] scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 23/65] platform/chrome: cros_ec_rpmsg: Fix race with host event Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 24/65] jbd2: improve comments about freeing data buffers whose page mapping is NULL Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 25/65] acpi/nfit: improve bounds checking for func Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 26/65] perf report: Fix no branch type statistics report issue Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 27/65] pwm: pca9685: Fix PWM/GPIO inter-operation Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 28/65] net: stmmac: xgmac: Fix VLAN register handling Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 29/65] net/bpfilter: remove superfluous testing message Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 30/65] ext4: fix incorrect group count in ext4_fill_super error message Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 31/65] ext4: fix incorrect inodes per group in " Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 32/65] HID: lg-g15: Do not fail the probe when we fail to disable F# emulation Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 33/65] clk: at91: sam9x60: fix usb clock parents Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 34/65] clk: at91: usb: use proper usbs_mask Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 35/65] ARM: dts: imx7-colibri: fix muxing of usbc_det pin Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 36/65] arm64: dts: librem5-devkit: add a vbus supply to usb0 Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 37/65] usb: dwc3: gadget: Dont clear flags before transfer ended Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 38/65] ASoC: Intel: mrfld: fix incorrect check on p->sink Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 39/65] ASoC: Intel: mrfld: return error codes when an error occurs Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 40/65] ALSA: hda/realtek - Enable the headset mic on Asus FX505DT Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 41/65] ALSA: usb-audio: Filter error from connector kctl ops, too Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 42/65] ALSA: usb-audio: Dont override ignore_ctl_error value from the map Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 43/65] ALSA: usb-audio: Dont create jack controls for PCM terminals Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 44/65] ALSA: usb-audio: Check mapping at creating connector controls, too Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 45/65] arm64: vdso: dont free unallocated pages Greg Kroah-Hartman
2020-04-20 12:38 ` Greg Kroah-Hartman [this message]
2020-04-20 12:38 ` [PATCH 5.5 47/65] tracing: Fix the race between registering snapshot event trigger and triggering snapshot operation Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 48/65] btrfs: check commit root generation in should_ignore_root Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 49/65] nl80211: fix NL80211_ATTR_FTM_RESPONDER policy Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 50/65] mac80211: fix race in ieee80211_register_hw() Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 51/65] mac80211_hwsim: Use kstrndup() in place of kasprintf() Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 52/65] net/mlx5e: Encapsulate updating netdev queues into a function Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 53/65] net/mlx5e: Rename hw_modify to preactivate Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 54/65] net/mlx5e: Use preactivate hook to set the indirection table Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.5 55/65] drm/amd/powerplay: force the trim of the mclk dpm_levels if OD is enabled Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.5 56/65] drm/amdgpu: fix the hw hang during perform system reboot and reset Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.5 57/65] i2c: designware: platdrv: Remove DPM_FLAG_SMART_SUSPEND flag on BYT and CHT Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.5 58/65] drm/i915/perf: Do not clear pollin for small user read buffers Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.5 59/65] ext4: do not zeroout extents beyond i_disksize Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.5 60/65] irqchip/ti-sci-inta: Fix processing of masked irqs Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.5 61/65] x86/resctrl: Preserve CDP enable over CPU hotplug Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.5 62/65] x86/resctrl: Fix invalid attempt at removing the default resource group Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.5 63/65] scsi: target: remove boilerplate code Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.5 64/65] scsi: target: fix hang when multiple threads try to destroy the same iscsi session Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.5 65/65] x86/microcode/AMD: Increase microcode PATCH_MAX_SIZE Greg Kroah-Hartman
2020-04-20 19:01 ` [PATCH 5.5 00/65] 5.5.19-rc1 review Naresh Kamboju
2020-04-20 19:53 ` Guenter Roeck
[not found] ` <20200420121505.909671922-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org>
2020-04-21 9:55 ` Jon Hunter
2020-04-21 9:55 ` Jon Hunter
2020-04-21 19:56 ` shuah
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200420121516.763243061@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=dhowells@redhat.com \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=vvs@virtuozzo.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.