linux/security/keys
Mark Rutland 92347cfd62 KEYS: fix refcount_inc() on zero
If a key's refcount is dropped to zero between key_lookup() peeking at
the refcount and subsequently attempting to increment it, refcount_inc()
will see a zero refcount.  Here, refcount_inc() will WARN_ONCE(), and
will *not* increment the refcount, which will remain zero.

Once key_lookup() drops key_serial_lock, it is possible for the key to
be freed behind our back.

This patch uses refcount_inc_not_zero() to perform the peek and increment
atomically.

Fixes: fff292914d ("security, keys: convert key.usage from atomic_t to refcount_t")
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Cc: David Windsor <dwindsor@gmail.com>
Cc: Elena Reshetova <elena.reshetova@intel.com>
Cc: Hans Liljestrand <ishkamiel@gmail.com>
Cc: James Morris <james.l.morris@oracle.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2017-06-09 13:29:50 +10:00
..
encrypted-keys KEYS: encrypted: sanitize all key material 2017-06-09 13:29:48 +10:00
big_key.c KEYS: Sort out big_key initialisation 2016-10-27 16:03:27 +11:00
compat_dh.c KEYS: add SP800-56A KDF support for DH 2017-04-04 22:33:38 +01:00
compat.c KEYS: add SP800-56A KDF support for DH 2017-04-04 22:33:38 +01:00
dh.c KEYS: Convert KEYCTL_DH_COMPUTE to use the crypto KPP API 2017-06-09 13:29:50 +10:00
gc.c KEYS: sanitize key structs before freeing 2017-06-09 13:29:48 +10:00
internal.h KEYS: add SP800-56A KDF support for DH 2017-04-04 22:33:38 +01:00
Kconfig KEYS: Convert KEYCTL_DH_COMPUTE to use the crypto KPP API 2017-06-09 13:29:50 +10:00
key.c KEYS: fix refcount_inc() on zero 2017-06-09 13:29:50 +10:00
keyctl.c KEYS: sanitize add_key() and keyctl() key payloads 2017-06-09 13:29:48 +10:00
keyring.c security: use READ_ONCE instead of deprecated ACCESS_ONCE 2017-06-09 13:29:45 +10:00
Makefile KEYS: add SP800-56A KDF support for DH 2017-04-04 22:33:38 +01:00
permission.c KEYS: Move the flags representing required permission to linux/key.h 2014-03-14 17:44:49 +00:00
persistent.c sched/headers: Prepare to remove <linux/cred.h> inclusion from <linux/sched.h> 2017-03-02 08:42:31 +01:00
proc.c security, keys: convert key_user.usage from atomic_t to refcount_t 2017-04-03 10:49:06 +10:00
process_keys.c KEYS: put keyring if install_session_keyring_to_cred() fails 2017-06-09 13:29:46 +10:00
request_key_auth.c security, keys: convert key.usage from atomic_t to refcount_t 2017-04-03 10:49:05 +10:00
request_key.c Make static usermode helper binaries constant 2017-01-19 12:59:45 +01:00
sysctl.c security: Convert use of typedef ctl_table to struct ctl_table 2014-04-15 13:39:58 +10:00
trusted.c KEYS: trusted: sanitize all key material 2017-06-09 13:29:48 +10:00
trusted.h keys, trusted: move struct trusted_key_options to trusted-type.h 2015-10-19 01:01:21 +02:00
user_defined.c KEYS: user_defined: sanitize key payloads 2017-06-09 13:29:48 +10:00