mirror of
https://github.com/Fishwaldo/Star64_linux.git
synced 2025-06-28 09:31:14 +00:00
keys: safe concurrent user->{session,uid}_keyring access
The current code can perform concurrent updates and reads on
user->session_keyring and user->uid_keyring. Add a comment to
struct user_struct to document the nontrivial locking semantics, and use
READ_ONCE() for unlocked readers and smp_store_release() for writers to
prevent memory ordering issues.
Fixes: 69664cf16a ("keys: don't generate user and user session keyrings unless they're accessed")
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
This commit is contained in:
Jann Horn
James Morris
parent
5c7e372caa
commit
0b9dc6c9f0
3 changed files with 27 additions and 16 deletions
|
|
@ -31,6 +31,13 @@ struct user_struct {
|
|||
atomic_long_t pipe_bufs; /* how many pages are allocated in pipe buffers */
|
||||
|
||||
#ifdef CONFIG_KEYS
|
||||
/*
|
||||
* These pointers can only change from NULL to a non-NULL value once.
|
||||
* Writes are protected by key_user_keyring_mutex.
|
||||
* Unlocked readers should use READ_ONCE() unless they know that
|
||||
* install_user_keyrings() has been called successfully (which sets
|
||||
* these members to non-NULL values, preventing further modifications).
|
||||
*/
|
||||
struct key *uid_keyring; /* UID specific keyring */
|
||||
struct key *session_keyring; /* UID's default session keyring */
|
||||
#endif
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue