mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-11 19:19:42 +00:00
Code Issues Releases Wiki Activity
linux-stable/fs/nfs
History
David Howells 7268328219 keys: Fix dependency loop between construction record and auth key 
[ Upstream commit 822ad64d7e ]

In the request_key() upcall mechanism there's a dependency loop by which if
a key type driver overrides the ->request_key hook and the userspace side
manages to lose the authorisation key, the auth key and the internal
construction record (struct key_construction) can keep each other pinned.

Fix this by the following changes:

 (1) Killing off the construction record and using the auth key instead.

 (2) Including the operation name in the auth key payload and making the
     payload available outside of security/keys/.

 (3) The ->request_key hook is given the authkey instead of the cons
     record and operation name.

Changes (2) and (3) allow the auth key to naturally be cleaned up if the
keyring it is in is destroyed or cleared or the auth key is unlinked.

Fixes: 7ee02a316600 ("keys: Fix dependency loop between construction record and auth key")
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2019-03-23 20:09:48 +01:00
..
blocklayout NFS: Mark expected switch fall-throughs 2018-08-08 16:50:02 -04:00
filelayout nfs41: do not return ENOMEM on LAYOUTUNAVAILABLE 2018-01-18 12:51:31 -05:00
flexfilelayout flexfiles: enforce per-mirror stateid only for v4 DSes 2018-12-17 09:24:41 +01:00
cache_lib.c NFS client updates for Linux 4.15 2017-11-17 14:18:00 -08:00
cache_lib.h NFS client updates for Linux 4.15 2017-11-17 14:18:00 -08:00
callback.c NFS client updates for Linux 4.15 2017-11-17 14:18:00 -08:00
callback.h NFS CB_OFFLOAD xdr 2018-08-09 12:56:38 -04:00
callback_proc.c NFSv4.2 copy do not allocate memory under the lock 2018-12-13 09:16:14 +01:00
callback_xdr.c NFS CB_OFFLOAD xdr 2018-08-09 12:56:38 -04:00
client.c NFS add support for asynchronous COPY 2018-08-09 12:56:39 -04:00
delegation.c NFSv4: Fix an Oops during delegation callbacks 2018-12-01 09:37:33 +01:00
delegation.h NFSv4: Fix the nfs_inode_set_delegation() arguments 2018-04-10 16:06:22 -04:00
dir.c NFS client updates for Linux 4.19 2018-08-23 16:03:58 -07:00
direct.c nfs: don't dirty kernel pages read by direct-io 2018-12-21 14:15:17 +01:00
dns_resolve.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dns_resolve.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
export.c NFS: Pass the inode down to the getattr() callback 2018-06-04 12:07:07 -04:00
file.c fs: nfs: Adding new return type vm_fault_t 2018-07-30 13:19:40 -04:00
fscache-index.c vfs: change inode times to use struct timespec64 2018-06-05 16:57:31 -07:00
fscache.c vfs: change inode times to use struct timespec64 2018-06-05 16:57:31 -07:00
fscache.h fscache: Pass object size in rather than calling back for it 2018-04-06 14:05:14 +01:00
getroot.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
inode.c Merge branch 'vfs_timespec64' of https://github.com/deepa-hub/vfs into vfs-timespec64 2018-06-14 14:54:00 +02:00
internal.h Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
io.c NFS: Fix a race between mmap() and O_DIRECT 2018-01-28 22:00:15 -05:00
iostat.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Kconfig pnfs/blocklayout: require 64-bit sector_t 2017-08-11 14:10:13 -04:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mount_clnt.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
namespace.c NFS: Use ERR_CAST() to avoid cross-structure cast 2017-05-28 10:11:47 -07:00
netns.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
nfs.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
nfs2super.c
nfs2xdr.c vfs: change inode times to use struct timespec64 2018-06-05 16:57:31 -07:00
nfs3_fs.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
nfs3acl.c NFS: Mark expected switch fall-throughs 2018-08-08 16:50:02 -04:00
nfs3client.c NFS: Remove unused authflavour parameter from nfs_get_client() 2016-12-01 17:46:32 -05:00
nfs3proc.c NFS: Pass the inode down to the getattr() callback 2018-06-04 12:07:07 -04:00
nfs3super.c
nfs3xdr.c vfs: change inode times to use struct timespec64 2018-06-05 16:57:31 -07:00
nfs4_fs.h NFSv4: Fix a NFSv4 state manager deadlock 2018-12-13 09:16:13 +01:00
nfs4client.c NFSv4.1: Fix the r/wsize checking 2018-11-13 11:08:48 -08:00
nfs4file.c NFS recover from destination server reboot for copies 2018-08-13 17:04:23 -04:00
nfs4getroot.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
nfs4idmap.c keys: Fix dependency loop between construction record and auth key 2019-03-23 20:09:48 +01:00
nfs4idmap.h
nfs4namespace.c nfs: Referrals should use the same proto setting as their parent 2018-01-14 23:06:30 -05:00
nfs4proc.c NFS client bugfixes for Linux 4.19 2018-09-14 19:25:28 -10:00
nfs4renewd.c NFSv4: Set the connection timeout to match the lease period 2017-02-09 14:15:16 -05:00
nfs4session.c NFSv4.1: Fix regression in callback retry handling 2016-12-01 17:21:38 -05:00
nfs4session.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
nfs4state.c NFSv4: Fix a NFSv4 state manager deadlock 2018-12-13 09:16:13 +01:00
nfs4super.c
nfs4sysctl.c nfs: Do not convert nfs_idmap_cache_timeout to jiffies 2018-01-18 15:10:47 -05:00
nfs4trace.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
nfs4trace.h NFSv4: Fix a tracepoint Oops in initiate_file_draining() 2018-09-14 16:24:08 -04:00
nfs4xdr.c NFS OFFLOAD_CANCEL xdr 2018-08-09 12:56:38 -04:00
nfs42.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
nfs42proc.c NFSv4.2 copy do not allocate memory under the lock 2018-12-13 09:16:14 +01:00
nfs42xdr.c NFS add support for asynchronous COPY 2018-08-09 12:56:39 -04:00
nfsroot.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
nfstrace.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
nfstrace.h NFS client updates for Linux 4.16 2018-01-30 19:03:48 -08:00
pagelist.c nfs: Fix a missed page unlock after pg_doio() 2018-11-13 11:08:49 -08:00
pnfs.c pNFS: Ensure we return the error if someone kills a waiting layoutget 2018-09-14 16:24:08 -04:00
pnfs.h pNFS: When updating the stateid in layoutreturn, also update the recall range 2018-08-16 13:29:36 -04:00
pnfs_dev.c pnfs/blocklayout: handle transient devices 2018-01-14 23:06:29 -05:00
pnfs_nfs.c NFSv4: Fix locking in pnfs_generic_recover_commit_reqs 2018-08-15 11:43:38 -04:00
proc.c NFS: Pass the inode down to the getattr() callback 2018-06-04 12:07:07 -04:00
read.c NFS: Add static NFS I/O tracepoints 2017-09-11 22:20:38 -04:00
super.c nfs: Fix NULL pointer dereference of dev_name 2019-03-13 14:02:30 -07:00
symlink.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sysctl.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
unlink.c NFS: Fix up sillyrename() 2018-05-31 15:02:16 -04:00
write.c NFS: Don't use page_file_mapping after removing the page 2019-03-23 20:09:45 +01:00