Re: [PATCH 2/4] KEYS: Check starting keyring as part of search

From: Andrew Morton
Date: Tue Feb 12 2008 - 18:48:43 EST


On Fri, 08 Feb 2008 16:04:29 +0000
David Howells <dhowells@xxxxxxxxxx> wrote:

> Check the starting keyring as part of the search to (a) see if that is what
> we're searching for, and (b) to check it is still valid for searching.
>
> The scenario: User in process A does things that cause things to be
> created in its process session keyring. The user then does an su to
> another user and starts a new process, B. The two processes now
> share the same process session keyring.
>
> Process B does an NFS access which results in an upcall to gssd.
> When gssd attempts to instantiate the context key (to be linked
> into the process session keyring), it is denied access even though it
> has an authorization key.
>
> The order of calls is:
>
> keyctl_instantiate_key()
> lookup_user_key() (the default: case)
> search_process_keyrings(current)
> search_process_keyrings(rka->context) (recursive call)
> keyring_search_aux()
>
> keyring_search_aux() verifies the keys and keyrings underneath the
> top-level keyring it is given, but that top-level keyring is neither
> fully validated nor checked to see if it is the thing being searched for.
>
> This patch changes keyring_search_aux() to:
> 1) do more validation on the top keyring it is given and
> 2) check whether that top-level keyring is the thing being searched for
>
> ...
>
> + (keyring->expiry && now.tv_sec >= keyring->expiry))

time_after()?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/