
List:       linux-keyrings
Subject:    Re: [PATCH] keyctl: use keyctl_read_alloc() in dump_key_tree_aux()
From:       James Morris <james.l.morris () oracle ! com>
Date:       2017-10-27 8:06:01
Message-ID: alpine.LFD.2.20.1710271005480.3746 () localhost

On Thu, 26 Oct 2017, Eric Biggers wrote:

> From: Eric Biggers <ebiggers@google.com>
> 
> dump_key_tree_aux() (part of 'keyctl show') was racy: it allocated a
> buffer for the keyring contents, then read the keyring.  But it's
> possible that keys are added to the keyring concurrently.  This is
> problematic for two reasons.  First, when keyctl_read() is passed a
> buffer that is too small, it is unspecified whether it is filled or not.
> Second, even if the buffer is filled, some keys (not necessarily even
> the newest ones) would be omitted from the listing.
> 
> Switch to keyctl_read_alloc() which handles the "buffer too small" case
> correctly by retrying the read.
> 
> Signed-off-by: Eric Biggers <ebiggers@google.com>


Reviewed-by: James Morris <james.l.morris@oracle.com>

-- 
James Morris
<james.l.morris@oracle.com>
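
The race and the retry fix described in the quoted commit message, as an added illustration that is not part of the original message or the keyutils source. `fake_keyring`, `fake_read`, `read_once` and `read_retry` are hypothetical names, and `fake_read` is a constructed model that leaves a too-small buffer unfilled, one of the outcomes the message calls unspecified.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed keyring stand-in: gains one ID on each of the next `grow` reads. */
struct fake_keyring { int32_t ids[16]; size_t n; int grow; };

/* Models the keyctl_read() contract from the commit message: returns the
 * bytes available; in this model a too-small buffer is left unfilled. */
static long fake_read(struct fake_keyring *kr, void *buf, size_t buflen) {
    if (kr->grow > 0 && kr->n < 16) {           /* concurrent add */
        kr->ids[kr->n] = 1000 + (int32_t)kr->n;
        kr->n++, kr->grow--;
    }
    size_t need = kr->n * sizeof(int32_t);
    if (buf && buflen >= need)
        memcpy(buf, kr->ids, need);
    return (long)need;
}

/* Racy pattern: size once, read once. Returns usable ID count (0 = lost). */
static size_t read_once(struct fake_keyring *kr, int32_t **out) {
    long size = fake_read(kr, NULL, 0);
    *out = calloc(1, (size_t)size + 1);
    long ret = *out ? fake_read(kr, *out, (size_t)size) : size + 1;
    return ret <= size ? (size_t)ret / sizeof(int32_t) : 0;
}

/* Retry pattern: re-allocate and re-read until the reported size fits. */
static size_t read_retry(struct fake_keyring *kr, int32_t **out) {
    long size = fake_read(kr, NULL, 0);
    for (;;) {
        int32_t *buf = malloc((size_t)size + 1);
        if (!buf) { *out = NULL; return 0; }
        long ret = fake_read(kr, buf, (size_t)size);
        if (ret <= size) { *out = buf; return (size_t)ret / sizeof(int32_t); }
        free(buf);              /* keyring grew between sizing and reading */
        size = ret;
    }
}

int main(void) {
    struct fake_keyring a = { {1, 2, 3}, 3, 2 }, b = a;
    int32_t *p, *q;
    printf("single read: %zu IDs\n", read_once(&a, &p));
    printf("with retry:  %zu IDs\n", read_retry(&b, &q));
    free(p); free(q);
    return 0;
}
```

With the constructed keyring growing during both the size probe and the first read, the single read yields no usable listing while the retry loop returns all five IDs.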
