lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20160127010203.27333.90518.stgit@warthog.procyon.org.uk>
Date:	Wed, 27 Jan 2016 01:02:03 +0000
From:	David Howells <dhowells@...hat.com>
To:	jmorris@...ei.org
Cc:	linux-kernel@...r.kernel.org, stable@...r.kernel.org,
	dhowells@...hat.com, linux-security-module@...r.kernel.org,
	keyrings@...r.kernel.org, sgallagh@...hat.com,
	Mimi Zohar <zohar@...ux.vnet.ibm.com>
Subject: [PATCH] KEYS: Only apply KEY_FLAG_KEEP to a key if a parent keyring
 has it set

KEY_FLAG_KEEP should only be applied to a key if the keyring it is being
linked into has KEY_FLAG_KEEP set.

To this end, partially revert the following patch:

	commit 1d6d167c2efcfe9539d9cffb1a1be9c92e39c2c0
	Author: Mimi Zohar <zohar@...ux.vnet.ibm.com>
	Date:   Thu Jan 7 07:46:36 2016 -0500
	KEYS: refcount bug fix

to undo the change that made it unconditional (Mimi got it right the first
time).

Without undoing this change, it becomes impossible to delete, revoke or
invalidate keys added to keyrings through __key_instantiate_and_link()
where the keyring has itself been linked to.  To test this, run the
following command sequence:

    keyctl newring foo @s
    keyctl add user a a %:foo
    keyctl unlink %user:a %:foo
    keyctl clear %:foo

With the commit mentioned above the third and fourth commands fail with
EPERM when they should succeed.

Reported-by: Stephen Gallager <sgallagh@...hat.com>
Signed-off-by: David Howells <dhowells@...hat.com>
cc: Mimi Zohar <zohar@...ux.vnet.ibm.com>
cc: keyrings@...r.kernel.org
cc: stable@...r.kernel.org
---

 security/keys/key.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/security/keys/key.c b/security/keys/key.c
index 07a87311055c..09ef276c4bdc 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -430,7 +430,8 @@ static int __key_instantiate_and_link(struct key *key,
 
 			/* and link it into the destination keyring */
 			if (keyring) {
-				set_bit(KEY_FLAG_KEEP, &key->flags);
+				if (test_bit(KEY_FLAG_KEEP, &keyring->flags))
+					set_bit(KEY_FLAG_KEEP, &key->flags);
 
 				__key_link(key, _edit);
 			}

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ