keys: sparse: Fix incorrect RCU accesses
authorDavid Howells <dhowells@redhat.com>
Wed, 22 May 2019 13:09:29 +0000 (14:09 +0100)
committerDavid Howells <dhowells@redhat.com>
Wed, 29 May 2019 21:32:05 +0000 (22:32 +0100)
Fix a pair of accesses that should be using RCU protection.

rcu_dereference_protected() is needed to access task_struct::real_parent.

current_cred() should be used to access current->cred.

Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: James Morris <jamorris@linux.microsoft.com>
security/keys/keyctl.c
security/keys/request_key_auth.c

index 3e4053a217c326bc92f7c9488293bd2f45f2b974..0f947bcbad46cf6f19434bda784dd98aecb6b1a0 100644 (file)
@@ -1524,7 +1524,8 @@ long keyctl_session_to_parent(void)
 
        ret = -EPERM;
        oldwork = NULL;
-       parent = me->real_parent;
+       parent = rcu_dereference_protected(me->real_parent,
+                                          lockdep_is_held(&tasklist_lock));
 
        /* the parent mustn't be init and mustn't be a kernel thread */
        if (parent->pid <= 1 || !parent->mm)
index bda6201c6c4508d06380d87f283e73bab758a2ad..572c7a60473a535bd412fc691585a7c08f0bbb38 100644 (file)
@@ -152,7 +152,7 @@ struct key *request_key_auth_new(struct key *target, const char *op,
                                 struct key *dest_keyring)
 {
        struct request_key_auth *rka, *irka;
-       const struct cred *cred = current->cred;
+       const struct cred *cred = current_cred();
        struct key *authkey = NULL;
        char desc[20];
        int ret = -ENOMEM;