[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAG48ez1GiPYROLukVwBQhDeFWzp8Xo9uUs-1B5X1YgqNw78dAA@mail.gmail.com>
Date: Wed, 11 Sep 2024 01:05:04 +0200
From: Jann Horn <jannh@...gle.com>
To: Paul Moore <paul@...l-moore.com>
Cc: James Morris <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>,
John Johansen <john.johansen@...onical.com>, David Howells <dhowells@...hat.com>,
Jarkko Sakkinen <jarkko@...nel.org>, Mickaël Salaün <mic@...ikod.net>,
Günther Noack <gnoack@...gle.com>,
Stephen Smalley <stephen.smalley.work@...il.com>, Ondrej Mosnacek <omosnace@...hat.com>,
Casey Schaufler <casey@...aufler-ca.com>, linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org, apparmor@...ts.ubuntu.com,
keyrings@...r.kernel.org, selinux@...r.kernel.org
Subject: Re: [PATCH v2 1/2] KEYS: use synchronous task work for changing
parent credentials
On Tue, Sep 10, 2024 at 11:07 PM Paul Moore <paul@...l-moore.com> wrote:
> On Aug 5, 2024 Jann Horn <jannh@...gle.com> wrote:
> > - cred->session_keyring = key_ref_to_ptr(keyring_r);
> > - keyring_r = NULL;
> > - init_task_work(newwork, key_change_session_keyring);
> > + /* the parent mustn't be init and mustn't be a kernel thread */
> > + if (is_global_init(parent) || (READ_ONCE(parent->flags) & PF_KTHREAD) != 0)
> > + goto put_task;
>
> I think we need to explicitly set @ret if we are failing here, yes?
Ah, yes. Thanks.
Powered by blists - more mailing lists