[5.6,109/254] KEYS: reaching the keys quotas correctly

Message ID	20200416131339.774836863@linuxfoundation.org
State	Superseded
Headers	show Return-Path: <SRS0=D6dW=6A=vger.kernel.org=stable-owner@kernel.org> From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>, stable@vger.kernel.org, Eric Biggers <ebiggers@google.com>, Yang Xu <xuyang2018.jy@cn.fujitsu.com>, Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Subject: [PATCH 5.6 109/254] KEYS: reaching the keys quotas correctly Date: Thu, 16 Apr 2020 15:23:18 +0200 Message-Id: <20200416131339.774836863@linuxfoundation.org> In-Reply-To: <20200416131325.804095985@linuxfoundation.org> References: <20200416131325.804095985@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: stable-owner@vger.kernel.org Precedence: bulk
Series	None \| expand [5.6,002/254] cpufreq: imx6q: Fixes unwanted cpu overclocking on i.MX6ULL [5.6,004/254] usb: ucsi: ccg: disable runtime pm during fw flashing [5.6,007/254] media: hantro: fix extra MV/MC sync space calculation [5.6,008/254] media: staging: rkisp1: use consistent bus_info string for media_dev [5.6,009/254] media: staging: rkisp1: isp: do not set invalid mbus code for pad [5.6,011/254] firmware: arm_sdei: fix double-lock on hibernate with shared events [5.6,013/254] usb: phy: tegra: Include proper GPIO consumer header to fix compile testing [5.6,015/254] sched/vtime: Prevent unstable evaluation of WARN(vtime->state) [5.6,021/254] null_blk: fix spurious IO errors after failed past-wp access [5.6,023/254] media: imx: imx7-media-csi: Fix video field handling [5.6,025/254] ACPI: EC: Do not clear boot_ec_is_ecdt in acpi_ec_add() [5.6,027/254] x86: Dont let pgprot_modify() change the page encryption bit [5.6,028/254] dma-mapping: Fix dma_pgprot() for unencrypted coherent pages [5.6,031/254] spi: spi-fsl-dspi: Avoid NULL pointer in dspi_slave_abort for non-DMA mode [5.6,032/254] irqchip/versatile-fpga: Handle chained IRQs properly [5.6,033/254] time/sched_clock: Expire timer in hardirq context [5.6,035/254] media: allegro: fix type of gop_length in channel_create message [5.6,038/254] selftests/x86/ptrace_syscall_32: Fix no-vDSO segfault [5.6,041/254] media: i2c: video-i2c: fix build errors due to imply hwmon [5.6,042/254] libata: Remove extra scsi_host_put() in ata_scsi_add_hosts() [5.6,043/254] pstore/platform: fix potential mem leak if pstore_init_fs failed [5.6,045/254] gfs2: Dont demote a glock until its revokes are written [5.6,047/254] x86/boot: Use unsigned comparison for addresses [5.6,048/254] efi/x86: Ignore the memory attributes table on i386 [5.6,049/254] genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy() [5.6,055/254] irqchip/gic-v4: Provide irq_retrigger to avoid circular locking dependency [5.6,057/254] firmware: fix a double abort case with fw_load_sysfs_fallback [5.6,058/254] spi: spi-fsl-dspi: Replace interruptible wait queue with a simple completion [5.6,061/254] block, bfq: fix use-after-free in bfq_idle_slice_timer_body [5.6,062/254] btrfs: qgroup: ensure qgroup_rescan_running is only set when the worker is at least... [5.6,064/254] btrfs: restart relocate_tree_blocks properly [5.6,065/254] btrfs: track reloc roots based on their commit root bytenr [5.6,067/254] ASoC: dapm: connect virtual mux with default value [5.6,068/254] ASoC: dpcm: allow start or stop during pause for backend [5.6,071/254] usb: gadget: composite: Inform controller driver of self-powered [5.6,073/254] ALSA: hda: Add driver blacklist [5.6,075/254] ALSA: ice1724: Fix invalid access for enumerated ctl items [5.6,076/254] ALSA: pcm: oss: Fix regression by buffer overflow fix [5.6,077/254] ALSA: hda/realtek: Enable mute LED on an HP system [5.6,083/254] ALSA: hda/realtek - Add quirk for MSI GL63 [5.6,084/254] media: venus: cache vb payload to be used by clock scaling [5.6,085/254] media: venus: firmware: Ignore secure call error on first resume [5.6,086/254] media: hantro: Read be32 words starting at every fourth byte [5.6,090/254] ACPI: EC: Avoid printing confusing messages in acpi_ec_setup() [5.6,092/254] ACPICA: Allow acpi_any_gpe_status_set() to skip one GPE [5.6,093/254] ACPI: PM: s2idle: Refine active GPEs check [5.6,096/254] nvmet-tcp: fix maxh2cdata icresp parameter [5.6,097/254] nvme-fc: Revert "add module to ops template to allow module references" [5.6,100/254] PCI/ASPM: Clear the correct bits when enabling L1 substates [5.6,102/254] PCI: qcom: Fix the fixup of PCI_VENDOR_ID_QCOM [5.6,104/254] erofs: correct the remaining shrink objects [5.6,107/254] tpm: tpm1_bios_measurements_next should increase position index [5.6,108/254] tpm: tpm2_bios_measurements_next should increase position index [5.6,109/254] KEYS: reaching the keys quotas correctly [5.6,111/254] rcu: Make rcu_barrier() account for offline no-CBs CPUs [5.6,112/254] cpu/hotplug: Ignore pm_wakeup_pending() for disable_nonboot_cpus() [5.6,116/254] io_uring: remove bogus RLIMIT_NOFILE check in file registration [5.6,119/254] MIPS/tlbex: Fix LDDIR usage in setup_pw() for Loongson-3 [5.6,121/254] PM / Domains: Allow no domain-idle-states DT property in genpd when parsing [5.6,123/254] ath9k: Handle txpower changes even when TPC is disabled [5.6,124/254] signal: Extend exec_id to 64bits [5.6,125/254] x86/tsc_msr: Use named struct initializers [5.6,127/254] x86/tsc_msr: Make MSR derived TSC frequency more accurate [5.6,131/254] KVM: nVMX: Properly handle userspace interrupt window request [5.6,132/254] KVM: s390: vsie: Fix region 1 ASCE sanity shadow address checks [5.6,134/254] KVM: x86: Allocate new rmap and large page tracking when moving memslot [5.6,135/254] KVM: VMX: Always VMCLEAR in-use VMCSes during crash with kexec support [5.6,136/254] KVM: x86: Gracefully handle __vmalloc() failure during VM allocation [5.6,139/254] smb3: fix performance regression with setting mtime [5.6,141/254] CIFS: check new file size when extending file by fallocate [5.6,142/254] mtd: spinand: Stop using spinand->oobbuf for buffering bad block markers [5.6,144/254] mtd: rawnand: cadence: fix the calculation of the avaialble OOB size [5.6,145/254] mtd: rawnand: cadence: change bad block marker size [5.6,147/254] drm/i915/gen12: Disable preemption timeout [5.6,149/254] btrfs: fix btrfs_calc_reclaim_metadata_size calculation [5.6,150/254] Btrfs: fix crash during unmount due to race with delayed inode workers [5.6,154/254] btrfs: fix missing file extent item for hole after ranged fsync [5.6,155/254] btrfs: unset reloc control if we fail to recover [5.6,157/254] btrfs: use nofs allocations for running delayed items [5.6,159/254] remoteproc: qcom_q6v5_mss: Reload the mba region on coredump [5.6,161/254] time/namespace: Fix time_for_children symlink [5.6,162/254] time/namespace: Add max_time_namespaces ucount [5.6,165/254] io_uring: honor original task RLIMIT_FSIZE [5.6,167/254] tools: gpio: Fix out-of-tree build regression [5.6,168/254] net: qualcomm: rmnet: Allow configuration updates to existing devices [5.6,171/254] arm64: dts: allwinner: h5: Fix PMU compatible [5.6,173/254] dm writecache: add cond_resched to avoid CPU hangs [5.6,175/254] dm verity fec: fix memory leak in verity_fec_dtr [5.6,178/254] dm clone: Add overflow check for number of regions [5.6,180/254] dm clone metadata: Fix return type of dm_clone_nr_of_hydrated_regions() [5.6,184/254] crypto: caam - update xts sector size for large input length [5.6,186/254] crypto: ccree - only try to map auth tag if needed [5.6,188/254] scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point [5.6,189/254] scsi: ufs: fix Auto-Hibern8 error detection [5.6,191/254] scsi: lpfc: Fix broken Credit Recovery after driver load [5.6,192/254] ARM: dts: exynos: Fix polarity of the LCD SPI bus on UniversalC210 board [5.6,193/254] arm64: dts: ti: k3-am65: Add clocks to dwc3 nodes [5.6,195/254] selftests: vm: drop dependencies on page flags from mlock2 tests [5.6,197/254] selftests/powerpc: Add tlbie_test in .gitignore [5.6,199/254] vfio: platform: Switch to platform_get_irq_optional() [5.6,203/254] drm: Remove PageReserved manipulation from drm_pci_alloc [5.6,205/254] drm/amd/powerplay: implement the is_dpm_running() [5.6,207/254] drm/amd/display: Check for null fclk voltage when parsing clock table [5.6,208/254] drm/prime: fix extracting of the DMA addresses from a scatterlist [5.6,211/254] drm/vboxvideo: Add missing remove_conflicting_pci_framebuffers call, v2 [5.6,212/254] nfsd: fsnotify on rmdir under nfsd/clients/ [5.6,214/254] NFS: Fix a page leak in nfs_destroy_unlinked_subrequests() [5.6,215/254] NFS: finish_automount() requires us to hold 2 refs to the mount record [5.6,216/254] NFS: Fix a few constant_table array definitions [5.6,218/254] drm/i915/gt: Treat idling as a RPS downclock event [5.6,220/254] fs/filesystems.c: downgrade user-reachable WARN_ONCE() to pr_warn_once() [5.6,225/254] ftrace/kprobe: Show the maxactive number on kprobe_events [5.6,226/254] clk: ingenic/jz4770: Exit with error if CGU init failed [5.6,228/254] kmod: make request_module() return an error when autoloading is disabled [5.6,230/254] hfsplus: fix crash and filesystem corruption when deleting files [5.6,231/254] libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set [5.6,232/254] ipmi: fix hung processes in __get_guid() [5.6,233/254] xen/blkfront: fix memory allocation flags in blkfront_setup_indirect() [5.6,235/254] scsi: sr: Fix sr_block_release() [5.6,238/254] powerpc/fsl_booke: Avoid creating duplicate tlb1 entry [5.6,239/254] powerpc/hash64/devmap: Use H_PAGE_THP_HUGE when setting up huge devmap PTE entries [5.6,242/254] powerpc/xive: Fix xmon support on the PowerNV platform [5.6,244/254] powerpc/64: Prevent stack protection in early boot [5.6,246/254] Revert "drm/dp_mst: Remove VCPI while disabling topology mgr" [5.6,249/254] drm/i915/ggtt: do not set bits 1-11 in gen12 ptes [5.6,250/254] drm/i915/gt: Fill all the unused space in the GGTT [5.6,252/254] perf/core: Fix event cgroup tracking

Message ID

20200416131339.774836863@linuxfoundation.org

State

Superseded

Headers

From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org, Eric Biggers <ebiggers@google.com>,
	Yang Xu <xuyang2018.jy@cn.fujitsu.com>,
	Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Subject: [PATCH 5.6 109/254] KEYS: reaching the keys quotas correctly
Date: Thu, 16 Apr 2020 15:23:18 +0200
Message-Id: <20200416131339.774836863@linuxfoundation.org>
In-Reply-To: <20200416131325.804095985@linuxfoundation.org>
References: <20200416131325.804095985@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: stable-owner@vger.kernel.org
Precedence: bulk

Series

None | expand

Commit Message

Greg Kroah-Hartman April 16, 2020, 1:23 p.m. UTC

From: Yang Xu <xuyang2018.jy@cn.fujitsu.com>

commit 2e356101e72ab1361821b3af024d64877d9a798d upstream.

Currently, when we add a new user key, the calltrace as below:

add_key()
  key_create_or_update()
    key_alloc()
    __key_instantiate_and_link
      generic_key_instantiate
        key_payload_reserve
          ......

Since commit a08bf91ce28e ("KEYS: allow reaching the keys quotas exactly"),
we can reach max bytes/keys in key_alloc, but we forget to remove this
limit when we reserver space for payload in key_payload_reserve. So we
can only reach max keys but not max bytes when having delta between plen
and type->def_datalen. Remove this limit when instantiating the key, so we
can keep consistent with key_alloc.

Also, fix the similar problem in keyctl_chown_key().

Fixes: 0b77f5bfb45c ("keys: make the keyring quotas controllable through /proc/sys")
Fixes: a08bf91ce28e ("KEYS: allow reaching the keys quotas exactly")
Cc: stable@vger.kernel.org # 5.0.x
Cc: Eric Biggers <ebiggers@google.com>
Signed-off-by: Yang Xu <xuyang2018.jy@cn.fujitsu.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 security/keys/key.c    |    2 +-
 security/keys/keyctl.c |    4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -382,7 +382,7 @@  int key_payload_reserve(struct key *key,
 		spin_lock(&key->user->lock);
 
 		if (delta > 0 &&
-		    (key->user->qnbytes + delta >= maxbytes ||
+		    (key->user->qnbytes + delta > maxbytes ||
 		     key->user->qnbytes + delta < key->user->qnbytes)) {
 			ret = -EDQUOT;
 		}
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -937,8 +937,8 @@  long keyctl_chown_key(key_serial_t id, u
 				key_quota_root_maxbytes : key_quota_maxbytes;
 
 			spin_lock(&newowner->lock);
-			if (newowner->qnkeys + 1 >= maxkeys ||
-			    newowner->qnbytes + key->quotalen >= maxbytes ||
+			if (newowner->qnkeys + 1 > maxkeys ||
+			    newowner->qnbytes + key->quotalen > maxbytes ||
 			    newowner->qnbytes + key->quotalen <
 			    newowner->qnbytes)
 				goto quota_overrun;

[5.6,109/254] KEYS: reaching the keys quotas correctly

Commit Message

Patch