Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp1325350ybz; Thu, 16 Apr 2020 07:15:12 -0700 (PDT) X-Google-Smtp-Source: APiQypJCXE6IOwFVEQyQ0Voi2A58CsQGLiSw0Z9yFWiKh5RUcEASCXSMHBYq1Udd21c921mnuNAN X-Received: by 2002:a17:906:d215:: with SMTP id w21mr9860096ejz.132.1587046511965; Thu, 16 Apr 2020 07:15:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1587046511; cv=none; d=google.com; s=arc-20160816; b=jPKGen4lVL/dwYowLS6yDZxbGVYiDpIHyVDIzYx9DC6S1eLgL6QY5kvDoGI65J8v2N u09Xx7nZi7wsftv0072ZX7lkDd7KwzYMcZQyZHGTZko1a9MONrSlnn9KoIq33xAI/kDr ypyV7X49/unHgIbaP9e6L4SAfzKKq70535p8EQcEcJ8umhAuGmPD87Dx+aLuV7uNgAF0 enGK3I0uzCxJ1S+yZRH1AXgWP2BB6CKNmzjytiw+7URaIBKnfIOHY3wuXGmC55xRSWIq WGzvlYFfRunJg1nvL0eBUqlzeErGb4Krjow60VRmFSDTcmjH3DSaPHh6h04fTegMt5Ap 5eMQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=oZzUYEBz4VbM5r6Jg3QYqGzGyjaQS4umGVwXwHXllzw=; b=nUrumELd68j+uibA/XjYejkPx2wwKH6u6cQhzZ+2KcS20JS4yhDy8Kqxefz/O9+jTF LBt8upnu77eCvPOjlMhKUrIIA4hRVzECFcDYq2GdgCSOmMDt5sRXisGtC89m1Y7CTnuI Pycs1AuGKfjQ+S3D2f/G+iExo25229M9Xtwnvsk9LymTDnEYyM1DW7Xq6si9ljpgJ7BY 2DjC9Ap8PiPhOqYjncQAv7S402bawtBFOgH+aFwXycGr844zkLTjs4N4x3Y+b3rGiHhX FTkaf6R0efR9AqEkkWLQTrmx897o+1nyvfM6PnNwy5XvfRqI5ZrhWxevGibCT97zr1nE gd6g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=j4qdNtmK; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id t16si8625652eju.94.2020.04.16.07.14.48; Thu, 16 Apr 2020 07:15:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=j4qdNtmK; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2393133AbgDPOKh (ORCPT + 99 others); Thu, 16 Apr 2020 10:10:37 -0400 Received: from mail.kernel.org ([198.145.29.99]:60886 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2898623AbgDPNqp (ORCPT ); Thu, 16 Apr 2020 09:46:45 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 9D9AF2076D; Thu, 16 Apr 2020 13:46:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1587044804; bh=ESA2Q8qNEyYMT9qiYnzTb8YCAnx8roVpY6pxsaqV8pw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=j4qdNtmKwgw2qo4P7RxvBOlcj2dRdkRFLpeT6nr/pRuls/RTb9xAtTj65GRBF3wpj q0ADhnSIFn0JCjlSSAwxs5UEeILYkJBndm15OIIWvhjrDCX+LC5A1HGYN04861H6bj ItXO+Bes25i/bpfD5fhbc9xSIga0beSptJArWFK0= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Eric Biggers , Yang Xu , Jarkko Sakkinen Subject: [PATCH 5.4 108/232] KEYS: reaching the keys quotas correctly Date: Thu, 16 Apr 2020 15:23:22 +0200 Message-Id: <20200416131328.658431947@linuxfoundation.org> X-Mailer: git-send-email 2.26.1 In-Reply-To: <20200416131316.640996080@linuxfoundation.org> References: <20200416131316.640996080@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Yang Xu commit 2e356101e72ab1361821b3af024d64877d9a798d upstream. Currently, when we add a new user key, the calltrace as below: add_key() key_create_or_update() key_alloc() __key_instantiate_and_link generic_key_instantiate key_payload_reserve ...... Since commit a08bf91ce28e ("KEYS: allow reaching the keys quotas exactly"), we can reach max bytes/keys in key_alloc, but we forget to remove this limit when we reserver space for payload in key_payload_reserve. So we can only reach max keys but not max bytes when having delta between plen and type->def_datalen. Remove this limit when instantiating the key, so we can keep consistent with key_alloc. Also, fix the similar problem in keyctl_chown_key(). Fixes: 0b77f5bfb45c ("keys: make the keyring quotas controllable through /proc/sys") Fixes: a08bf91ce28e ("KEYS: allow reaching the keys quotas exactly") Cc: stable@vger.kernel.org # 5.0.x Cc: Eric Biggers Signed-off-by: Yang Xu Reviewed-by: Jarkko Sakkinen Reviewed-by: Eric Biggers Signed-off-by: Jarkko Sakkinen Signed-off-by: Greg Kroah-Hartman --- security/keys/key.c | 2 +- security/keys/keyctl.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) --- a/security/keys/key.c +++ b/security/keys/key.c @@ -381,7 +381,7 @@ int key_payload_reserve(struct key *key, spin_lock(&key->user->lock); if (delta > 0 && - (key->user->qnbytes + delta >= maxbytes || + (key->user->qnbytes + delta > maxbytes || key->user->qnbytes + delta < key->user->qnbytes)) { ret = -EDQUOT; } --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c @@ -937,8 +937,8 @@ long keyctl_chown_key(key_serial_t id, u key_quota_root_maxbytes : key_quota_maxbytes; spin_lock(&newowner->lock); - if (newowner->qnkeys + 1 >= maxkeys || - newowner->qnbytes + key->quotalen >= maxbytes || + if (newowner->qnkeys + 1 > maxkeys || + newowner->qnbytes + key->quotalen > maxbytes || newowner->qnbytes + key->quotalen < newowner->qnbytes) goto quota_overrun;