lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <2851036.1679417029@warthog.procyon.org.uk>
Date:   Tue, 21 Mar 2023 16:43:49 +0000
From:   David Howells <dhowells@...hat.com>
To:     torvalds@...ux-foundation.org
cc:     dhowells@...hat.com, Jarkko Sakkinen <jarkko@...nel.org>,
        Bharath SM <bharathsm@...rosoft.com>,
        Shyam Prasad N <nspmangalore@...il.com>,
        Steve French <smfrench@...il.com>,
        Robbie Harwood <rharwood@...hat.com>,
        Eric Biederman <ebiederm@...ssion.com>,
        Herbert Xu <herbert@...dor.apana.org.au>,
        keyrings@...r.kernel.org, linux-cifs@...r.kernel.org,
        linux-crypto@...r.kernel.org, kexec@...ts.infradead.org,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [GIT PULL] keys: Miscellaneous fixes/changes

Hi Linus,

Could you pull these fixes/changes for keyrings?

 (1) Fix request_key() so that it doesn't cache a looked up key on the
     current thread if that thread is a kernel thread.  The cache is
     cleared during notify_resume - but that doesn't happen in kernel
     threads.  This is causing cifs DNS keys to be un-invalidateable.

 (2) Fix a wrapper check in verify_pefile() to not round up the length.

 (3) Change asymmetric_keys code to log errors to make it easier for users
     to work out why failures occurred.

Thanks,
David
---
The following changes since commit fc89d7fb499b0162e081f434d45e8d1b47e82ece:

  Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost (2023-03-13 10:43:09 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git tags/keys-fixes-20230321

for you to fetch changes up to 3584c1dbfffdabf8e3dc1dd25748bb38dd01cd43:

  asymmetric_keys: log on fatal failures in PE/pkcs7 (2023-03-21 16:23:56 +0000)

----------------------------------------------------------------
keyrings fixes

----------------------------------------------------------------
David Howells (1):
      keys: Do not cache key in task struct if key is requested from kernel thread

Robbie Harwood (2):
      verify_pefile: relax wrapper length check
      asymmetric_keys: log on fatal failures in PE/pkcs7

 crypto/asymmetric_keys/pkcs7_verify.c  | 10 +++++-----
 crypto/asymmetric_keys/verify_pefile.c | 32 ++++++++++++++++++--------------
 security/keys/request_key.c            |  9 ++++++---
 3 files changed, 29 insertions(+), 22 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ