linux/include/keys
David Howells 822ad64d7e keys: Fix dependency loop between construction record and auth key
In the request_key() upcall mechanism there's a dependency loop by which if
a key type driver overrides the ->request_key hook and the userspace side
manages to lose the authorisation key, the auth key and the internal
construction record (struct key_construction) can keep each other pinned.

Fix this by the following changes:

 (1) Killing off the construction record and using the auth key instead.

 (2) Including the operation name in the auth key payload and making the
     payload available outside of security/keys/.

 (3) The ->request_key hook is given the authkey instead of the cons
     record and operation name.

Changes (2) and (3) allow the auth key to naturally be cleaned up if the
keyring it is in is destroyed or cleared or the auth key is unlinked.

Fixes: 7ee02a316600 ("keys: Fix dependency loop between construction record and auth key")
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
2019-02-15 14:12:09 -08:00
..
asymmetric-parser.h KEYS: Asymmetric key pluggable data parsers 2012-10-08 13:50:13 +10:30
asymmetric-subtype.h KEYS: Provide missing asymmetric key subops for new key type ops [ver #2] 2018-10-26 09:30:46 +01:00
asymmetric-type.h docs: Fix some broken references 2018-06-15 18:10:01 -03:00
big_key-type.h KEYS: big_key: Use key preparsing 2014-07-22 21:46:47 +01:00
ceph-type.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dns_resolver-type.h DNS: Separate out CIFS DNS Resolver code 2010-08-05 17:17:51 +00:00
encrypted-type.h encrypted-keys: add key format support 2011-06-27 09:10:45 -04:00
keyring-type.h KEYS: Expand the capacity of a keyring 2013-09-24 10:35:18 +01:00
request_key_auth-type.h keys: Fix dependency loop between construction record and auth key 2019-02-15 14:12:09 -08:00
rxrpc-type.h net: rxrpc: Replace time_t type with time64_t type 2017-08-29 10:16:00 +01:00
system_keyring.h KEYS: Split role of the keyring pointer for keyring restrict functions 2017-04-03 10:24:56 -07:00
trusted-type.h tpm: fix checks for policy digest existence in tpm2_seal_trusted() 2016-02-10 04:10:55 +02:00
trusted.h KEYS: Move trusted.h to include/keys [ver #2] 2018-10-26 09:30:47 +01:00
user-type.h KEYS: Differentiate uses of rcu_dereference_key() and user_key_payload() 2017-03-02 10:09:00 +11:00