From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S968665AbdIZUO3 (ORCPT <rfc822;w@1wt.eu>);
        Tue, 26 Sep 2017 16:14:29 -0400
Received: from mail-pf0-f195.google.com ([209.85.192.195]:37202 "EHLO
        mail-pf0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S966877AbdIZUOZ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 26 Sep 2017 16:14:25 -0400
X-Google-Smtp-Source: AOwi7QDMWTjv2/vkTqC/i6MP4C1QhnyKI1DADKnH2aKy13EE/IkJEq/sPRC11dR0Ot0i3qdAU7uyJw==
From: Eric Biggers <ebiggers3@gmail.com>
To: keyrings@vger.kernel.org
Cc: David Howells <dhowells@redhat.com>,
        Michael Halcrow <mhalcrow@google.com>,
        linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org,
        Eric Biggers <ebiggers@google.com>
Subject: [PATCH v2 0/6] KEYS: fix atomicity issues with key flags
Date: Tue, 26 Sep 2017 13:10:59 -0700
Message-Id: <20170926201105.126166-1-ebiggers3@gmail.com>
X-Mailer: git-send-email 2.14.1.992.g2c7b836f3a-goog
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Eric Biggers <ebiggers@google.com>

The first patch in this series fixes the race between updating and
finding a negative key, which could be used by an unprivileged user to
cause a kernel oops.  That patch is Cc'ed to stable.

The remaining patches fix some other, more theoretical atomicity issues
with accessing key->flags and key->expiry, then eliminate
KEY_FLAG_NEGATIVE, which becomes unnecessary after the first patch.

Eric Biggers (6):
  KEYS: fix race between updating and finding negative key
  KEYS: load key flags atomically in key_is_instantiated()
  KEYS: load key flags and expiry time atomically in key_validate()
  KEYS: load key flags and expiry time atomically in
    keyring_search_iterator()
  KEYS: load key flags and expiry time atomically in proc_keys_show()
  KEYS: remove KEY_FLAG_NEGATIVE

 include/linux/key.h                      | 37 +++++++++++++++++++++++---------
 security/keys/encrypted-keys/encrypted.c |  2 +-
 security/keys/gc.c                       |  4 +---
 security/keys/key.c                      | 24 +++++++++++++++------
 security/keys/keyctl.c                   |  5 ++++-
 security/keys/keyring.c                  | 12 ++++++-----
 security/keys/permission.c               |  7 +++---
 security/keys/proc.c                     | 28 +++++++++++++-----------
 security/keys/request_key.c              | 11 ++++++----
 security/keys/trusted.c                  |  2 +-
 security/keys/user_defined.c             |  2 +-
 11 files changed, 86 insertions(+), 48 deletions(-)

-- 
2.14.1.992.g2c7b836f3a-goog