Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751711AbbBLQqU (ORCPT ); Thu, 12 Feb 2015 11:46:20 -0500 Received: from mx1.redhat.com ([209.132.183.28]:37066 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751343AbbBLQqS convert rfc822-to-8bit (ORCPT ); Thu, 12 Feb 2015 11:46:18 -0500 Organization: Red Hat UK Ltd. Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SI4 1TE, United Kingdom. Registered in England and Wales under Company Registration No. 3798903 From: David Howells In-Reply-To: <20150211212647.GA425@rage.redhat.com> References: <20150211212647.GA425@rage.redhat.com> To: David Jeffery Cc: dhowells@redhat.com, keyrings@linux-nfs.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] Don't leak a key reference if request_key() tries to use a revoked keyring MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <19887.1423759574.1@warthog.procyon.org.uk> Content-Transfer-Encoding: 8BIT Date: Thu, 12 Feb 2015 16:46:14 +0000 Message-ID: <19888.1423759574@warthog.procyon.org.uk> Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 782 Lines: 17 David Jeffery wrote: > If a request_key() call to allocate and fill out a key attempts to insert the > key structure into a revoked keyring, the key will leak, using memory and part > of the user's key quota until the system reboots. This is from a failure of > construct_alloc_key() to decrement the key's reference count after the attempt > to insert into the requested keyring is rejected. > > key_put() needs to be called in the link_prealloc_failed callpath to ensure > the unused key is released. Applied. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/