On Thu, 28 Sep 2017, Eric Biggers wrote: > From: Eric Biggers <[email protected]> > > A key of type "encrypted" references a "master key" which is used to > encrypt and decrypt the encrypted key's payload. However, when we > accessed the master key's payload, we failed to handle the case where > the master key has been revoked, which sets the payload pointer to NULL. > Note that request_key() *does* skip revoked keys, but there is still a > window where the key can be revoked before we acquire its semaphore. > > Fix it by checking for a NULL payload, treating it like a key which was > already revoked at the time it was requested. > > This was an issue for master keys of type "user" only. Master keys can > also be of type "trusted", but those cannot be revoked. > > Fixes: 7e70cb497850 ("keys: add new key-type encrypted") > Cc: <[email protected]> [v2.6.38+] > Signed-off-by: Eric Biggers <[email protected]>
Reviewed-by: James Morris <[email protected]> -- James Morris <[email protected]> -- Linux-cachefs mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-cachefs
