-stable review patch. If anyone has any objections, please let us know.
------------------
from hanging future joins in the D state [CAN-2005-2098].
The problem is that the error handling path for the KEYCTL_JOIN_SESSION_KEYRING
operation has one error path that doesn't release the session management
semaphore. Further attempts to get the semaphore will then sleep for ever in
the D state.
This can happen in four situations, all involving an attempt to allocate a new
session keyring:
(1) ENOMEM.
(2) The users key quota being reached.
(3) A keyring name that is an empty string.
(4) A keyring name that is too long.
Any user may attempt this operation, and so any user can cause the problem to
occur.
Signed-Off-By: David Howells <[email protected]>
Signed-off-by: Chris Wright <[email protected]>
---
security/keys/process_keys.c | 2 +-
1 files changed, 1 insertion(+), 1 deletion(-)
Index: linux-2.6.12.y/security/keys/process_keys.c
===================================================================
--- linux-2.6.12.y.orig/security/keys/process_keys.c
+++ linux-2.6.12.y/security/keys/process_keys.c
@@ -641,7 +641,7 @@ long join_session_keyring(const char *na
keyring = keyring_alloc(name, tsk->uid, tsk->gid, 0, NULL);
if (IS_ERR(keyring)) {
ret = PTR_ERR(keyring);
- goto error;
+ goto error2;
}
}
else if (IS_ERR(keyring)) {
--
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
| |
 |