From: David Howells on
Andrew Morton <akpm(a)linux-foundation.org> wrote:

> I don't think I understand that description. Are you saying that the
> patch switches things from the first example output into the second case?

request_key() system call is meant to recursively search all your keyrings for
the key you desire, and, optionally, if it doesn't exist, call out to userspace
to create one for you.

If request_key() finds or creates a key, it should, optionally, create a link
to that key from the destination keyring specified.

Therefore, if, after a successful call to request_key() with a desination
keyring specified, you see the destination keyring empty, the code didn't work
correctly.

If you see the found key in the keyring, then it did - which is what the patch
is required for.

> Is the fix needed in -stable?

Yes.

David
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
From: David Howells on
Vegard Nossum <vegard.nossum(a)gmail.com> wrote:

> 1. Is it correct to return -EINPROGRESS in this case?

Yes - it prevents construct_key_and_link() from going on to call
construct_key(). The key in question is returned in *_key.

However, I don't think I handle other errors coming back from
construct_alloc_key() correctly.

> 2. (Why) Shouldn't the return value of __key_link() be checked?

It should. In fact, I should probably precheck and preallocate the keyring to
make sure I don't get errors after allocating the new key.

> 3. In __key_link(), shouldn't rcu_dereference() be used when accessing
> keyring->payload.subscriptions?

No. We have to hold a write lock on the keyring semaphore if we're going to
call __key_link() to add something to it.

We should, however, call rcu_dereference_protected().

You should find a patch for this in your inbox.

David
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/