forge/linux-uconsole
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
linux-uconsole/security
History
Jann Horn 5c7e372caa security: don't use RCU accessors for cred->session_keyring 
sparse complains that a bunch of places in kernel/cred.c access
cred->session_keyring without the RCU helpers required by the __rcu
annotation.

cred->session_keyring is written in the following places:

 - prepare_kernel_cred() [in a new cred struct]
 - keyctl_session_to_parent() [in a new cred struct]
 - prepare_creds [in a new cred struct, via memcpy]
 - install_session_keyring_to_cred()
  - from install_session_keyring() on new creds
  - from join_session_keyring() on new creds [twice]
  - from umh_keys_init()
   - from call_usermodehelper_exec_async() on new creds

All of these writes are before the creds are committed; therefore,
cred->session_keyring doesn't need RCU protection.

Remove the __rcu annotation and fix up all existing users that use __rcu.

Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
2019-04-10 10:28:21 -07:00
..
apparmor + Bug Fixes 2019-03-13 11:07:36 -07:00
integrity Merge branch 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-03-10 17:37:29 -07:00
keys security: don't use RCU accessors for cred->session_keyring 2019-04-10 10:28:21 -07:00
loadpin LoadPin: Initialize as ordered LSM 2019-01-08 13:18:43 -08:00
safesetid LSM: fix return value check in safesetid_init_securityfs() 2019-02-12 10:59:22 -08:00
selinux selinux: fix NULL dereference in policydb_destroy() 2019-03-18 12:19:48 -04:00
smack Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-03-12 14:08:19 -07:00
tomoyo tomoyo: Bump version. 2019-02-19 14:17:25 -08:00
yama Yama: mark local symbols as static 2019-04-10 10:23:42 -07:00
commoncap.c audit/stable-5.1 PR 20190305 2019-03-07 12:20:11 -08:00
device_cgroup.c docs: fix broken references with multiple hints 2018-06-15 18:10:01 -03:00
inode.c security: fs: make inode explicitly non-modular 2018-12-12 14:58:51 -08:00
Kconfig LSM: Update list of SECURITYFS users in Kconfig 2019-03-01 09:52:54 -08:00
lsm_audit.c missing barriers in some of unix_sock ->addr and ->path accesses 2019-02-20 20:06:28 -08:00
Makefile LSM: add SafeSetID module that gates setid calls 2019-01-25 11:22:45 -08:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-03-12 14:08:19 -07:00