summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2015-12-28 10:35:19 -0800
committerLinus Torvalds <torvalds@linux-foundation.org>2015-12-28 10:35:19 -0800
commit2c7143d4f5cd5c31c7ebe7aa57b273145cdb1808 (patch)
treed19593b70eb85028aa244cb02675bbbf09aa16e1
parent74bf8efb5fa6e958d2d7c7917b8bb672085ec0c6 (diff)
parentb4a1b4f5047e4f54e194681125c74c0aa64d637d (diff)
Merge branch 'for-linus2' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull key handling bugfix from James Morris: "Fix a race between keyctl_read() and keyctl_revoke()" * 'for-linus2' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: KEYS: Fix race between read and revoke
-rw-r--r--security/keys/keyctl.c18
1 files changed, 9 insertions, 9 deletions
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index fb111eafcb89..1c3872aeed14 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -751,16 +751,16 @@ long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen)
/* the key is probably readable - now try to read it */
can_read_key:
- ret = key_validate(key);
- if (ret == 0) {
- ret = -EOPNOTSUPP;
- if (key->type->read) {
- /* read the data with the semaphore held (since we
- * might sleep) */
- down_read(&key->sem);
+ ret = -EOPNOTSUPP;
+ if (key->type->read) {
+ /* Read the data with the semaphore held (since we might sleep)
+ * to protect against the key being updated or revoked.
+ */
+ down_read(&key->sem);
+ ret = key_validate(key);
+ if (ret == 0)
ret = key->type->read(key, buffer, buflen);
- up_read(&key->sem);
- }
+ up_read(&key->sem);
}
error2: