* [PATCH] KEYS: Do not cache key in task struct if key is requested from kernel thread @ 2023-03-12 18:53 Bharath SM 2023-03-12 21:37 ` Jarkko Sakkinen 2023-03-14 15:18 ` David Howells 0 siblings, 2 replies; 10+ messages in thread From: Bharath SM @ 2023-03-12 18:53 UTC (permalink / raw) To: David Howells, jarkko, keyrings; +Cc: Bharath S M, Shyam Prasad N, Steve French The key which gets cached in task structure from a kernel thread does not get invalidated even after expiry. Due to which, a new key request from kernel thread will be served with the cached key if it's present in task struct irrespective of the key validity. The change is to not cache key in task_struct when key requested from kernel thread so that kernel thread gets a valid key on every key request. Signed-off-by: Bharath SM <bharathsm@microsoft.com> --- security/keys/request_key.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/security/keys/request_key.c b/security/keys/request_key.c index 2da4404276f0..07a0ef2baacd 100644 --- a/security/keys/request_key.c +++ b/security/keys/request_key.c @@ -38,9 +38,12 @@ static void cache_requested_key(struct key *key) #ifdef CONFIG_KEYS_REQUEST_CACHE struct task_struct *t = current; - key_put(t->cached_requested_key); - t->cached_requested_key = key_get(key); - set_tsk_thread_flag(t, TIF_NOTIFY_RESUME); + /* Do not cache key if it is a kernel thread */ + if (!(t->flags & PF_KTHREAD)) { + key_put(t->cached_requested_key); + t->cached_requested_key = key_get(key); + set_tsk_thread_flag(t, TIF_NOTIFY_RESUME); + } #endif } -- 2.25.1 ^ permalink raw reply related [flat|nested] 10+ messages in thread
* Re: [PATCH] KEYS: Do not cache key in task struct if key is requested from kernel thread 2023-03-12 18:53 [PATCH] KEYS: Do not cache key in task struct if key is requested from kernel thread Bharath SM @ 2023-03-12 21:37 ` Jarkko Sakkinen 2023-03-13 5:18 ` Bharath SM 2023-03-14 15:18 ` David Howells 1 sibling, 1 reply; 10+ messages in thread From: Jarkko Sakkinen @ 2023-03-12 21:37 UTC (permalink / raw) To: Bharath SM, David Howells, keyrings Cc: Bharath S M, Shyam Prasad N, Steve French On Mon, 2023-03-13 at 00:23 +0530, Bharath SM wrote: > The key which gets cached in task structure from a kernel thread does not > get invalidated even after expiry. Due to which, a new key request from > kernel thread will be served with the cached key if it's present in task > struct irrespective of the key validity. > The change is to not cache key in task_struct when key requested from kernel > thread so that kernel thread gets a valid key on every key request. > > Signed-off-by: Bharath SM <bharathsm@microsoft.com> What is the context where you bumped into this? > --- > security/keys/request_key.c | 9 ++++++--- > 1 file changed, 6 insertions(+), 3 deletions(-) > > diff --git a/security/keys/request_key.c b/security/keys/request_key.c > index 2da4404276f0..07a0ef2baacd 100644 > --- a/security/keys/request_key.c > +++ b/security/keys/request_key.c > @@ -38,9 +38,12 @@ static void cache_requested_key(struct key *key) > #ifdef CONFIG_KEYS_REQUEST_CACHE > struct task_struct *t = current; > > - key_put(t->cached_requested_key); > - t->cached_requested_key = key_get(key); > - set_tsk_thread_flag(t, TIF_NOTIFY_RESUME); > + /* Do not cache key if it is a kernel thread */ > + if (!(t->flags & PF_KTHREAD)) { > + key_put(t->cached_requested_key); > + t->cached_requested_key = key_get(key); > + set_tsk_thread_flag(t, TIF_NOTIFY_RESUME); > + } > #endif > } > > -- > 2.25.1 BR, Jarkko ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] KEYS: Do not cache key in task struct if key is requested from kernel thread 2023-03-12 21:37 ` Jarkko Sakkinen @ 2023-03-13 5:18 ` Bharath SM 2023-03-14 11:07 ` Jarkko Sakkinen 0 siblings, 1 reply; 10+ messages in thread From: Bharath SM @ 2023-03-13 5:18 UTC (permalink / raw) To: Jarkko Sakkinen Cc: David Howells, keyrings, Bharath S M, Shyam Prasad N, Steve French Linux kernel cifs module uses dns_resolver for dns resolution and dns_resolver will use kernel keys infrastructure for key management. Cifs module calls dns_query during reconnect for dns resolution, we noticed an issue with dns resolution requests during reconnect operations from cifs. Where the dns_query was failing by returning EKEYEXPIRED to cifs. And this issue was happening only when CONFIG_KEYS_REQUEST_CACHE was enabled. Further debugging the keys subsystem and discussing with david howells revealed this issue in keys subsystem. To reproduce the issue mount a few SMB shares on device with nosharesock mount option and try disconnecting connections a few times using "ss -K src dport 445". Logs from dns_resolver: Notice that 2nd time, we can see dns_query returning -127(EKEYEXPIRED) Disconnected first time and got right response for dns_query: [Mon Mar 13 05:05:23 2023] [cifsd ] ==> dns_query((null),storagesouthcus1.file.core.windows.net,38,(null)) [Mon Mar 13 05:05:23 2023] [cifsd ] call request_key(,storagesouthcus1.file.core.windows.net,) [Mon Mar 13 05:05:23 2023] [cifsd ] ==> dns_query((null),storagesouthcus1.file.core.windows.net,38,(null)) [Mon Mar 13 05:05:23 2023] [cifsd ] call request_key(,storagesouthcus1.file.core.windows.net,) [Mon Mar 13 05:05:23 2023] [cifsd ] ==> dns_resolver_cmp(storagesouthcus1.file.core.windows.net,storagesouthcus1.file.core.windows.net) [Mon Mar 13 05:05:23 2023] [cifsd ] <== dns_resolver_cmp() = 1 [Mon Mar 13 05:05:23 2023] [key.dn] ==> dns_resolver_preparse(' 20.150.20.136',14) [Mon Mar 13 05:05:23 2023] [key.dn] no options [Mon Mar 13 05:05:23 2023] [key.dn] store result [Mon Mar 13 05:05:23 2023] [key.dn] <== dns_resolver_preparse() = 0 [Mon Mar 13 05:05:23 2023] [cifsd ] <== dns_query() = 13 [Mon Mar 13 05:05:23 2023] [cifsd ] <== dns_query() = 13 Disconnected second time, but this time we can see one of the dns_query request is failing with -127 [Mon Mar 13 05:05:30 2023] [cifsd ] ==> dns_query((null),storagesouthcus1.file.core.windows.net,38,(null)) [Mon Mar 13 05:05:30 2023] [cifsd ] call request_key(,storagesouthcus1.file.core.windows.net,) [Mon Mar 13 05:05:30 2023] [cifsd ] ==> dns_query((null),storagesouthcus1.file.core.windows.net,38,(null)) [Mon Mar 13 05:05:30 2023] [cifsd ] call request_key(,storagesouthcus1.file.core.windows.net,) [Mon Mar 13 05:05:30 2023] [cifsd ] ==> dns_resolver_cmp(storagesouthcus1.file.core.windows.net,storagesouthcus1.file.core.windows.net) [Mon Mar 13 05:05:30 2023] [cifsd ] <== dns_resolver_cmp() = 1 [Mon Mar 13 05:05:30 2023] [cifsd ] <== dns_query() = -127 [Mon Mar 13 05:05:30 2023] [key.dn] ==> dns_resolver_preparse(' 20.150.20.136',14) [Mon Mar 13 05:05:30 2023] [key.dn] no options [Mon Mar 13 05:05:30 2023] [key.dn] store result [Mon Mar 13 05:05:30 2023] [key.dn] <== dns_resolver_preparse() = 0 [Mon Mar 13 05:05:30 2023] [cifsd ] <== dns_query() = 13 On Mon, Mar 13, 2023 at 3:07 AM Jarkko Sakkinen <jarkko@kernel.org> wrote: > > On Mon, 2023-03-13 at 00:23 +0530, Bharath SM wrote: > > The key which gets cached in task structure from a kernel thread does not > > get invalidated even after expiry. Due to which, a new key request from > > kernel thread will be served with the cached key if it's present in task > > struct irrespective of the key validity. > > The change is to not cache key in task_struct when key requested from kernel > > thread so that kernel thread gets a valid key on every key request. > > > > Signed-off-by: Bharath SM <bharathsm@microsoft.com> > > What is the context where you bumped into this? > > > --- > > security/keys/request_key.c | 9 ++++++--- > > 1 file changed, 6 insertions(+), 3 deletions(-) > > > > diff --git a/security/keys/request_key.c b/security/keys/request_key.c > > index 2da4404276f0..07a0ef2baacd 100644 > > --- a/security/keys/request_key.c > > +++ b/security/keys/request_key.c > > @@ -38,9 +38,12 @@ static void cache_requested_key(struct key *key) > > #ifdef CONFIG_KEYS_REQUEST_CACHE > > struct task_struct *t = current; > > > > - key_put(t->cached_requested_key); > > - t->cached_requested_key = key_get(key); > > - set_tsk_thread_flag(t, TIF_NOTIFY_RESUME); > > + /* Do not cache key if it is a kernel thread */ > > + if (!(t->flags & PF_KTHREAD)) { > > + key_put(t->cached_requested_key); > > + t->cached_requested_key = key_get(key); > > + set_tsk_thread_flag(t, TIF_NOTIFY_RESUME); > > + } > > #endif > > } > > > > -- > > 2.25.1 > > BR, Jarkko ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] KEYS: Do not cache key in task struct if key is requested from kernel thread 2023-03-13 5:18 ` Bharath SM @ 2023-03-14 11:07 ` Jarkko Sakkinen 2023-03-14 15:27 ` David Howells 0 siblings, 1 reply; 10+ messages in thread From: Jarkko Sakkinen @ 2023-03-14 11:07 UTC (permalink / raw) To: Bharath SM Cc: David Howells, keyrings, Bharath S M, Shyam Prasad N, Steve French On Mon, Mar 13, 2023 at 10:48:29AM +0530, Bharath SM wrote: > Linux kernel cifs module uses dns_resolver for dns resolution and > dns_resolver will use kernel keys infrastructure for key management. > Cifs module calls dns_query during reconnect for dns resolution, we noticed > an issue with dns resolution requests during reconnect operations from cifs. > Where the dns_query was failing by returning EKEYEXPIRED to cifs. And > this issue was > happening only when CONFIG_KEYS_REQUEST_CACHE was enabled. > Further debugging the keys subsystem and discussing with david howells revealed > this issue in keys subsystem. > > To reproduce the issue mount a few SMB shares on device with > nosharesock mount option and try disconnecting connections a few times > using "ss -K src dport 445". > > Logs from dns_resolver: > Notice that 2nd time, we can see dns_query returning -127(EKEYEXPIRED) > > Disconnected first time and got right response for dns_query: > > [Mon Mar 13 05:05:23 2023] [cifsd ] ==> > dns_query((null),storagesouthcus1.file.core.windows.net,38,(null)) > [Mon Mar 13 05:05:23 2023] [cifsd ] call > request_key(,storagesouthcus1.file.core.windows.net,) > [Mon Mar 13 05:05:23 2023] [cifsd ] ==> > dns_query((null),storagesouthcus1.file.core.windows.net,38,(null)) > [Mon Mar 13 05:05:23 2023] [cifsd ] call > request_key(,storagesouthcus1.file.core.windows.net,) > [Mon Mar 13 05:05:23 2023] [cifsd ] ==> > dns_resolver_cmp(storagesouthcus1.file.core.windows.net,storagesouthcus1.file.core.windows.net) > [Mon Mar 13 05:05:23 2023] [cifsd ] <== dns_resolver_cmp() = 1 > [Mon Mar 13 05:05:23 2023] [key.dn] ==> dns_resolver_preparse(' > 20.150.20.136',14) > [Mon Mar 13 05:05:23 2023] [key.dn] no options > [Mon Mar 13 05:05:23 2023] [key.dn] store result > [Mon Mar 13 05:05:23 2023] [key.dn] <== dns_resolver_preparse() = 0 > [Mon Mar 13 05:05:23 2023] [cifsd ] <== dns_query() = 13 > [Mon Mar 13 05:05:23 2023] [cifsd ] <== dns_query() = 13 > > Disconnected second time, but this time we can see one of the > dns_query request is failing with -127 > > [Mon Mar 13 05:05:30 2023] [cifsd ] ==> > dns_query((null),storagesouthcus1.file.core.windows.net,38,(null)) > [Mon Mar 13 05:05:30 2023] [cifsd ] call > request_key(,storagesouthcus1.file.core.windows.net,) > [Mon Mar 13 05:05:30 2023] [cifsd ] ==> > dns_query((null),storagesouthcus1.file.core.windows.net,38,(null)) > [Mon Mar 13 05:05:30 2023] [cifsd ] call > request_key(,storagesouthcus1.file.core.windows.net,) > [Mon Mar 13 05:05:30 2023] [cifsd ] ==> > dns_resolver_cmp(storagesouthcus1.file.core.windows.net,storagesouthcus1.file.core.windows.net) > [Mon Mar 13 05:05:30 2023] [cifsd ] <== dns_resolver_cmp() = 1 > [Mon Mar 13 05:05:30 2023] [cifsd ] <== dns_query() = -127 > [Mon Mar 13 05:05:30 2023] [key.dn] ==> dns_resolver_preparse(' > 20.150.20.136',14) > [Mon Mar 13 05:05:30 2023] [key.dn] no options > [Mon Mar 13 05:05:30 2023] [key.dn] store result > [Mon Mar 13 05:05:30 2023] [key.dn] <== dns_resolver_preparse() = 0 > [Mon Mar 13 05:05:30 2023] [cifsd ] <== dns_query() = 13 Please summarize this to the commit message it is useful stuff. With this report included the patch could should also have a fixes tag. BR, Jarkko ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] KEYS: Do not cache key in task struct if key is requested from kernel thread 2023-03-14 11:07 ` Jarkko Sakkinen @ 2023-03-14 15:27 ` David Howells 2023-03-15 15:13 ` Bharath SM 2023-03-19 13:39 ` Jarkko Sakkinen 0 siblings, 2 replies; 10+ messages in thread From: David Howells @ 2023-03-14 15:27 UTC (permalink / raw) To: Jarkko Sakkinen Cc: dhowells, Bharath SM, keyrings, Bharath S M, Shyam Prasad N, Steve French Jarkko Sakkinen <jarkko@kernel.org> wrote: > Please summarize this to the commit message it is useful stuff. With > this report included the patch could should also have a fixes tag. I've expanded the commit message to: keys: Do not cache key in task struct if key is requested from kernel thread The key which gets cached in task structure from a kernel thread does not get invalidated even after expiry. Due to which, a new key request from kernel thread will be served with the cached key if it's present in task struct irrespective of the key validity. The change is to not cache key in task_struct when key requested from kernel thread so that kernel thread gets a valid key on every key request. The problem has been seen with the cifs module doing DNS lookups from a kernel thread and the results getting pinned by being attached to that kernel thread's cache - and thus not something that can be easily got rid of. The cache would ordinarily be cleared by notify-resume, but kernel threads don't do that. This isn't seen with AFS because AFS is doing request_key() within the kernel half of a user thread - which will do notify-resume. Signed-off-by: Bharath SM <bharathsm@microsoft.com> Signed-off-by: David Howells <dhowells@redhat.com> cc: Jarkko Sakkinen <jarkko@kernel.org> cc: Shyam Prasad N <nspmangalore@gmail.com> cc: Steve French <smfrench@gmail.com> cc: keyrings@vger.kernel.org cc: linux-cifs@vger.kernel.org cc: linux-fsdevel@vger.kernel.org David ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] KEYS: Do not cache key in task struct if key is requested from kernel thread 2023-03-14 15:27 ` David Howells @ 2023-03-15 15:13 ` Bharath SM 2023-03-15 15:34 ` Bharath SM 2023-03-19 13:39 ` Jarkko Sakkinen 1 sibling, 1 reply; 10+ messages in thread From: Bharath SM @ 2023-03-15 15:13 UTC (permalink / raw) To: David Howells Cc: Jarkko Sakkinen, keyrings, Bharath S M, Shyam Prasad N, Steve French On Tue, Mar 14, 2023 at 8:58 PM David Howells <dhowells@redhat.com> wrote: > > Jarkko Sakkinen <jarkko@kernel.org> wrote: > > > Please summarize this to the commit message it is useful stuff. With > > this report included the patch could should also have a fixes tag. > > I've expanded the commit message to: > > keys: Do not cache key in task struct if key is requested from kernel thread > > The key which gets cached in task structure from a kernel thread does not > get invalidated even after expiry. Due to which, a new key request from > kernel thread will be served with the cached key if it's present in task > struct irrespective of the key validity. The change is to not cache key in > task_struct when key requested from kernel thread so that kernel thread > gets a valid key on every key request. > > The problem has been seen with the cifs module doing DNS lookups from a > kernel thread and the results getting pinned by being attached to that > kernel thread's cache - and thus not something that can be easily got rid > of. The cache would ordinarily be cleared by notify-resume, but kernel > threads don't do that. > > This isn't seen with AFS because AFS is doing request_key() within the > kernel half of a user thread - which will do notify-resume. > > Signed-off-by: Bharath SM <bharathsm@microsoft.com> > Signed-off-by: David Howells <dhowells@redhat.com> > cc: Jarkko Sakkinen <jarkko@kernel.org> > cc: Shyam Prasad N <nspmangalore@gmail.com> > cc: Steve French <smfrench@gmail.com> > cc: keyrings@vger.kernel.org > cc: linux-cifs@vger.kernel.org > cc: linux-fsdevel@vger.kernel.org > > David Your expanded commit message looks fine. Can we please mark this commit for a stable kernel since it fixes some serious reconnect problem.? ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] KEYS: Do not cache key in task struct if key is requested from kernel thread 2023-03-15 15:13 ` Bharath SM @ 2023-03-15 15:34 ` Bharath SM 0 siblings, 0 replies; 10+ messages in thread From: Bharath SM @ 2023-03-15 15:34 UTC (permalink / raw) To: David Howells Cc: Jarkko Sakkinen, keyrings, Bharath S M, Shyam Prasad N, Steve French On Wed, Mar 15, 2023 at 8:43 PM Bharath SM <bharathsm.hsk@gmail.com> wrote: > > On Tue, Mar 14, 2023 at 8:58 PM David Howells <dhowells@redhat.com> wrote: > > > > Jarkko Sakkinen <jarkko@kernel.org> wrote: > > > > > Please summarize this to the commit message it is useful stuff. With > > > this report included the patch could should also have a fixes tag. > > > > I've expanded the commit message to: > > > > keys: Do not cache key in task struct if key is requested from kernel thread > > > > The key which gets cached in task structure from a kernel thread does not > > get invalidated even after expiry. Due to which, a new key request from > > kernel thread will be served with the cached key if it's present in task > > struct irrespective of the key validity. The change is to not cache key in > > task_struct when key requested from kernel thread so that kernel thread > > gets a valid key on every key request. > > > > The problem has been seen with the cifs module doing DNS lookups from a > > kernel thread and the results getting pinned by being attached to that > > kernel thread's cache - and thus not something that can be easily got rid > > of. The cache would ordinarily be cleared by notify-resume, but kernel > > threads don't do that. > > > > This isn't seen with AFS because AFS is doing request_key() within the > > kernel half of a user thread - which will do notify-resume. > > > > Signed-off-by: Bharath SM <bharathsm@microsoft.com> > > Signed-off-by: David Howells <dhowells@redhat.com> > > cc: Jarkko Sakkinen <jarkko@kernel.org> > > cc: Shyam Prasad N <nspmangalore@gmail.com> > > cc: Steve French <smfrench@gmail.com> > > cc: keyrings@vger.kernel.org > > cc: linux-cifs@vger.kernel.org > > cc: linux-fsdevel@vger.kernel.org > > > > David > > Your expanded commit message looks fine. Can we please mark this > commit for a stable kernel since it fixes some serious reconnect > problem.? Adding Fixes tag: Fixes: 7743c48e54ee ("keys: Cache result of request_key*() temporarily in task_struct") ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] KEYS: Do not cache key in task struct if key is requested from kernel thread 2023-03-14 15:27 ` David Howells 2023-03-15 15:13 ` Bharath SM @ 2023-03-19 13:39 ` Jarkko Sakkinen 2023-03-19 13:40 ` Jarkko Sakkinen 1 sibling, 1 reply; 10+ messages in thread From: Jarkko Sakkinen @ 2023-03-19 13:39 UTC (permalink / raw) To: David Howells Cc: Bharath SM, keyrings, Bharath S M, Shyam Prasad N, Steve French On Tue, Mar 14, 2023 at 03:27:32PM +0000, David Howells wrote: > Jarkko Sakkinen <jarkko@kernel.org> wrote: > > > Please summarize this to the commit message it is useful stuff. With > > this report included the patch could should also have a fixes tag. > > I've expanded the commit message to: > > keys: Do not cache key in task struct if key is requested from kernel thread > > The key which gets cached in task structure from a kernel thread does not > get invalidated even after expiry. Due to which, a new key request from > kernel thread will be served with the cached key if it's present in task > struct irrespective of the key validity. The change is to not cache key in > task_struct when key requested from kernel thread so that kernel thread > gets a valid key on every key request. > > The problem has been seen with the cifs module doing DNS lookups from a > kernel thread and the results getting pinned by being attached to that > kernel thread's cache - and thus not something that can be easily got rid > of. The cache would ordinarily be cleared by notify-resume, but kernel > threads don't do that. > > This isn't seen with AFS because AFS is doing request_key() within the > kernel half of a user thread - which will do notify-resume. > > Signed-off-by: Bharath SM <bharathsm@microsoft.com> > Signed-off-by: David Howells <dhowells@redhat.com> > cc: Jarkko Sakkinen <jarkko@kernel.org> > cc: Shyam Prasad N <nspmangalore@gmail.com> > cc: Steve French <smfrench@gmail.com> > cc: keyrings@vger.kernel.org > cc: linux-cifs@vger.kernel.org > cc: linux-fsdevel@vger.kernel.org > > David Looks good to me! Can you send a version with this? BR, Jarkko ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] KEYS: Do not cache key in task struct if key is requested from kernel thread 2023-03-19 13:39 ` Jarkko Sakkinen @ 2023-03-19 13:40 ` Jarkko Sakkinen 0 siblings, 0 replies; 10+ messages in thread From: Jarkko Sakkinen @ 2023-03-19 13:40 UTC (permalink / raw) To: David Howells Cc: Bharath SM, keyrings, Bharath S M, Shyam Prasad N, Steve French On Sun, Mar 19, 2023 at 03:39:39PM +0200, Jarkko Sakkinen wrote: > On Tue, Mar 14, 2023 at 03:27:32PM +0000, David Howells wrote: > > Jarkko Sakkinen <jarkko@kernel.org> wrote: > > > > > Please summarize this to the commit message it is useful stuff. With > > > this report included the patch could should also have a fixes tag. > > > > I've expanded the commit message to: > > > > keys: Do not cache key in task struct if key is requested from kernel thread > > > > The key which gets cached in task structure from a kernel thread does not > > get invalidated even after expiry. Due to which, a new key request from > > kernel thread will be served with the cached key if it's present in task > > struct irrespective of the key validity. The change is to not cache key in > > task_struct when key requested from kernel thread so that kernel thread > > gets a valid key on every key request. > > > > The problem has been seen with the cifs module doing DNS lookups from a > > kernel thread and the results getting pinned by being attached to that > > kernel thread's cache - and thus not something that can be easily got rid > > of. The cache would ordinarily be cleared by notify-resume, but kernel > > threads don't do that. > > > > This isn't seen with AFS because AFS is doing request_key() within the > > kernel half of a user thread - which will do notify-resume. > > > > Signed-off-by: Bharath SM <bharathsm@microsoft.com> > > Signed-off-by: David Howells <dhowells@redhat.com> > > cc: Jarkko Sakkinen <jarkko@kernel.org> > > cc: Shyam Prasad N <nspmangalore@gmail.com> > > cc: Steve French <smfrench@gmail.com> > > cc: keyrings@vger.kernel.org > > cc: linux-cifs@vger.kernel.org > > cc: linux-fsdevel@vger.kernel.org > > > > David > > Looks good to me! Can you send a version with this? Oops, not from original sender. If you apply with this, please add Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> BR, Jarkko ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] KEYS: Do not cache key in task struct if key is requested from kernel thread 2023-03-12 18:53 [PATCH] KEYS: Do not cache key in task struct if key is requested from kernel thread Bharath SM 2023-03-12 21:37 ` Jarkko Sakkinen @ 2023-03-14 15:18 ` David Howells 1 sibling, 0 replies; 10+ messages in thread From: David Howells @ 2023-03-14 15:18 UTC (permalink / raw) To: Bharath SM Cc: dhowells, jarkko, keyrings, Bharath S M, Shyam Prasad N, Steve French Bharath SM <bharathsm.hsk@gmail.com> wrote: > diff --git a/security/keys/request_key.c b/security/keys/request_key.c > index 2da4404276f0..07a0ef2baacd 100644 > --- a/security/keys/request_key.c > +++ b/security/keys/request_key.c > @@ -38,9 +38,12 @@ static void cache_requested_key(struct key *key) > #ifdef CONFIG_KEYS_REQUEST_CACHE > struct task_struct *t = current; > > - key_put(t->cached_requested_key); > - t->cached_requested_key = key_get(key); > - set_tsk_thread_flag(t, TIF_NOTIFY_RESUME); > + /* Do not cache key if it is a kernel thread */ > + if (!(t->flags & PF_KTHREAD)) { > + key_put(t->cached_requested_key); > + t->cached_requested_key = key_get(key); > + set_tsk_thread_flag(t, TIF_NOTIFY_RESUME); > + } > #endif > } It seems all the tabs got converted into spaces. I'll manually apply it. David ^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2023-03-19 13:40 UTC | newest] Thread overview: 10+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2023-03-12 18:53 [PATCH] KEYS: Do not cache key in task struct if key is requested from kernel thread Bharath SM 2023-03-12 21:37 ` Jarkko Sakkinen 2023-03-13 5:18 ` Bharath SM 2023-03-14 11:07 ` Jarkko Sakkinen 2023-03-14 15:27 ` David Howells 2023-03-15 15:13 ` Bharath SM 2023-03-15 15:34 ` Bharath SM 2023-03-19 13:39 ` Jarkko Sakkinen 2023-03-19 13:40 ` Jarkko Sakkinen 2023-03-14 15:18 ` David Howells
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.