git.kernel.dk Git - linux-2.6-block.git/commit

author	Jann Horn <jannh@google.com>
	Wed, 27 Mar 2019 15:39:38 +0000 (16:39 +0100)
committer	James Morris <james.morris@microsoft.com>
	Wed, 10 Apr 2019 17:28:21 +0000 (10:28 -0700)
commit	5c7e372caa35d303e414caeb64ee2243fd3cac3d
tree	0ebe3b3d6fa9becd9cfa6e5a49f42c7979be8180	tree \| snapshot
parent	1b26fcdb748eb20a73f72900d7f5ab537b2809be	commit \| diff

security: don't use RCU accessors for cred->session_keyring

sparse complains that a bunch of places in kernel/cred.c access
cred->session_keyring without the RCU helpers required by the __rcu
annotation.

cred->session_keyring is written in the following places:

- prepare_kernel_cred() [in a new cred struct]
- keyctl_session_to_parent() [in a new cred struct]
- prepare_creds [in a new cred struct, via memcpy]
- install_session_keyring_to_cred()
  - from install_session_keyring() on new creds
  - from join_session_keyring() on new creds [twice]
  - from umh_keys_init()
   - from call_usermodehelper_exec_async() on new creds

All of these writes are before the creds are committed; therefore,
cred->session_keyring doesn't need RCU protection.

Remove the __rcu annotation and fix up all existing users that use __rcu.

Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: James Morris <james.morris@microsoft.com>

include/linux/cred.h		diff \| blob \| blame \| history
security/keys/process_keys.c		diff \| blob \| blame \| history
security/keys/request_key.c		diff \| blob \| blame \| history