lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Mar 2019 12:13:36 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-kernel@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, stable@...r.kernel.org, Eric Biggers <ebiggers@...gle.com>, David Howells <dhowells@...hat.com>, James Morris <james.morris@...rosoft.com> Subject: [PATCH 3.18 003/134] KEYS: allow reaching the keys quotas exactly 3.18-stable review patch. If anyone has any objections, please let me know. ------------------ From: Eric Biggers <ebiggers@...gle.com> commit a08bf91ce28ed3ae7b6fef35d843fef8dc8c2cd9 upstream. If the sysctl 'kernel.keys.maxkeys' is set to some number n, then actually users can only add up to 'n - 1' keys. Likewise for 'kernel.keys.maxbytes' and the root_* versions of these sysctls. But these sysctls are apparently supposed to be *maximums*, as per their names and all documentation I could find -- the keyrings(7) man page, Documentation/security/keys/core.rst, and all the mentions of EDQUOT meaning that the key quota was *exceeded* (as opposed to reached). Thus, fix the code to allow reaching the quotas exactly. Fixes: 0b77f5bfb45c ("keys: make the keyring quotas controllable through /proc/sys") Cc: stable@...r.kernel.org Signed-off-by: Eric Biggers <ebiggers@...gle.com> Signed-off-by: David Howells <dhowells@...hat.com> Signed-off-by: James Morris <james.morris@...rosoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org> --- security/keys/key.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/security/keys/key.c +++ b/security/keys/key.c @@ -260,8 +260,8 @@ struct key *key_alloc(struct key_type *t spin_lock(&user->lock); if (!(flags & KEY_ALLOC_QUOTA_OVERRUN)) { - if (user->qnkeys + 1 >= maxkeys || - user->qnbytes + quotalen >= maxbytes || + if (user->qnkeys + 1 > maxkeys || + user->qnbytes + quotalen > maxbytes || user->qnbytes + quotalen < user->qnbytes) goto no_quota; }
Powered by blists - more mailing lists