leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity
d0709f1e66
linux/security
History
David Jeffery d0709f1e66 Don't leak a key reference if request_key() tries to use a revoked keyring 
If a request_key() call to allocate and fill out a key attempts to insert the
key structure into a revoked keyring, the key will leak, using memory and part
of the user's key quota until the system reboots. This is from a failure of
construct_alloc_key() to decrement the key's reference count after the attempt
to insert into the requested keyring is rejected.

key_put() needs to be called in the link_prealloc_failed callpath to ensure
the unused key is released.

Signed-off-by: David Jeffery <djeffery@redhat.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2015-02-16 13:45:16 +11:00
..
apparmor module: rename KERNEL_PARAM_FL_NOARG to avoid confusion 2014-08-27 21:54:07 +09:30
integrity ima: /proc/keys is now mandatory 2015-02-02 13:19:48 +11:00
keys Don't leak a key reference if request_key() tries to use a revoked keyring 2015-02-16 13:45:16 +11:00
selinux Char / Misc patches for 3.20-rc1 2015-02-15 10:48:44 -08:00
smack Smack: Repair netfilter dependency 2015-01-23 10:08:19 -08:00
tomoyo rcu: Make SRCU optional by using CONFIG_SRCU 2015-01-06 11:04:29 -08:00
yama yama: Better permission check for ptraceme 2013-03-26 13:17:58 -07:00
capability.c Add security hooks to binder and implement the hooks for SELinux. 2015-01-25 09:17:57 -08:00
commoncap.c kill f_dentry uses 2014-11-19 13:01:25 -05:00
device_cgroup.c cgroup: rename cgroup_subsys->base_cftypes to ->legacy_cftypes 2014-07-15 11:05:09 -04:00
inode.c Documentation: Docbook: Fix generated DocBook/kernel-api.xml 2014-09-09 10:34:56 +02:00
Kconfig security: select correct default LSM_MMAP_MIN_ADDR on arm on arm64 2014-02-05 14:59:14 +00:00
lsm_audit.c audit: anchor all pid references in the initial pid namespace 2014-03-20 10:11:55 -04:00
Makefile security: cleanup Makefiles to use standard syntax for specifying sub-directories 2014-02-17 11:08:04 +11:00
min_addr.c mmap_min_addr check CAP_SYS_RAWIO only for write 2010-04-23 08:56:31 +10:00
security.c Char / Misc patches for 3.20-rc1 2015-02-15 10:48:44 -08:00