Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ab5c69f0 authored by Eric Biggers's avatar Eric Biggers Committed by David Howells
Browse files

KEYS: load key flags and expiry time atomically in proc_keys_show() 



In proc_keys_show(), the key semaphore is not held, so the key ->flags
and ->expiry can be changed concurrently.  We therefore should read them
atomically just once.

Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
parent 9d6c8711

security/keys/proc.c

+14 −10
Original line number Diff line number Diff line
@@ -179,7 +179,9 @@ static int proc_keys_show(struct seq_file *m, void *v) 
	struct rb_node *_p = v;

	struct key *key = rb_entry(_p, struct key, serial_node);

	struct timespec now;

	time_t expiry;

	unsigned long timo;

	unsigned long flags;

	key_ref_t key_ref, skey_ref;

	char xbuf[16];

	short state;
@@ -218,12 +220,13 @@ static int proc_keys_show(struct seq_file *m, void *v) 
	rcu_read_lock();



	/* come up with a suitable timeout value */

	if (key->expiry == 0) {

	expiry = READ_ONCE(key->expiry);

	if (expiry == 0) {

		memcpy(xbuf, "perm", 5);

	} else if (now.tv_sec >= key->expiry) {

	} else if (now.tv_sec >= expiry) {

		memcpy(xbuf, "expd", 5);

	} else {

		timo = key->expiry - now.tv_sec;

		timo = expiry - now.tv_sec;



		if (timo < 60)

			sprintf(xbuf, "%lus", timo);
@@ -239,18 +242,19 @@ static int proc_keys_show(struct seq_file *m, void *v) 


	state = key_read_state(key);



#define showflag(KEY, LETTER, FLAG) \

	(test_bit(FLAG,	&(KEY)->flags) ? LETTER : '-')

#define showflag(FLAGS, LETTER, FLAG) \

	((FLAGS & (1 << FLAG)) ? LETTER : '-')



	flags = READ_ONCE(key->flags);

	seq_printf(m, "%08x %c%c%c%c%c%c%c %5d %4s %08x %5d %5d %-9.9s ",

		   key->serial,

		   state != KEY_IS_UNINSTANTIATED ? 'I' : '-',

		   showflag(key, 'R', KEY_FLAG_REVOKED),

		   showflag(key, 'D', KEY_FLAG_DEAD),

		   showflag(key, 'Q', KEY_FLAG_IN_QUOTA),

		   showflag(key, 'U', KEY_FLAG_USER_CONSTRUCT),

		   showflag(flags, 'R', KEY_FLAG_REVOKED),

		   showflag(flags, 'D', KEY_FLAG_DEAD),

		   showflag(flags, 'Q', KEY_FLAG_IN_QUOTA),

		   showflag(flags, 'U', KEY_FLAG_USER_CONSTRUCT),

		   state < 0 ? 'N' : '-',

		   showflag(key, 'i', KEY_FLAG_INVALIDATED),

		   showflag(flags, 'i', KEY_FLAG_INVALIDATED),

		   refcount_read(&key->usage),

		   xbuf,

		   key->perm,