LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
* Re: OOPS in request_key.c bisected (and then refound)
       [not found] <20080817194532.GB15440@nospam.com>
@ 2008-08-18  1:18 ` Steve French
  2008-10-28 13:33   ` Pascal Terjan
  2008-10-28 14:28   ` David Howells
  0 siblings, 2 replies; 3+ messages in thread
From: Steve French @ 2008-08-18  1:18 UTC (permalink / raw)
  To: Rutger Nijlunsing; +Cc: LKML

Copying lkml on this additional feedback on the patch to fix the oops
introduced in April by the keyctl subsystem

On Sun, Aug 17, 2008 at 2:45 PM, Rutger Nijlunsing
<rutger.nijlunsing@gmail.com> wrote:
> When trying to mount an CIFS share with SPGENO on Debian, I got
> nothing. Digging deeping revealing on OOPS at function
> call_sbin_request_key+0x166/0x255in 2.6.27 which was not there in
> 2.6.25. Bisecting this with the simplest command generating the OOPS,
> which was taken from 'man keyctl':
>
>    keyctl request2 user debug:yyyy spoon
>
> took about 4 hours on the evolutionary dead-end Pentium 4 and returned
> commit:
>
> commit 69664cf16af4f31cd54d77948a4baf9c7e0ca7b9
> Author: David Howells <dhowells@redhat.com>
> Date:   Tue Apr 29 01:01:31 2008 -0700
>
>    keys: don't generate user and user session keyrings unless they're accessed
>
> ...as the culprit.
>
> Googling for this revealed that this OOPS had been reported before in
> May, that a patch was written, tested and considered OK:
> http://lists.samba.org/archive/linux-cifs-client/2008-May/003001.html
>
> Applying this patch is still the right thing to do since it made the
> OOPS disappear. Hopefully this will solve my SPNEGO problems, but
> that's a second concern. Here is the patch again, together with
> additional Tested-bys:
>
> ---
> KEYS: Make request key instantiate the per-user keyrings
>
> Make request_key() instantiate the per-user keyrings so that it doesn't oops
> if it needs to get hold of the user session keyring because there isn't a
> session keyring in place.
>
> Signed-off-by: David Howells <dhowells@redhat.com>
> Tested-by: Steve French <smfrench@gmail.com>
> Tested-by: Rutger Nijlunsing <rutger.nijlunsing@gmail.com>
> ---
>
>  security/keys/internal.h     |    1 +
>  security/keys/process_keys.c |    2 +-
>  security/keys/request_key.c  |    4 ++++
>  3 files changed, 6 insertions(+), 1 deletions(-)
>
>
> diff --git a/security/keys/internal.h b/security/keys/internal.h
> index 8c05587..2bdfacc 100644
> --- a/security/keys/internal.h
> +++ b/security/keys/internal.h
> @@ -108,6 +108,7 @@ extern key_ref_t search_process_keyrings(struct key_type *type,
>
>  extern struct key *find_keyring_by_name(const char *name, bool skip_perm_check);
>
> +extern int install_user_keyrings(struct task_struct *tsk);
>  extern int install_thread_keyring(struct task_struct *tsk);
>  extern int install_process_keyring(struct task_struct *tsk);
>
> diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
> index 5be6d01..45b240a 100644
> --- a/security/keys/process_keys.c
> +++ b/security/keys/process_keys.c
> @@ -40,7 +40,7 @@ struct key_user root_key_user = {
>  /*
>  * install user and user session keyrings for a particular UID
>  */
> -static int install_user_keyrings(struct task_struct *tsk)
> +int install_user_keyrings(struct task_struct *tsk)
>  {
>        struct user_struct *user = tsk->user;
>        struct key *uid_keyring, *session_keyring;
> diff --git a/security/keys/request_key.c b/security/keys/request_key.c
> index ba32ca6..abea08f 100644
> --- a/security/keys/request_key.c
> +++ b/security/keys/request_key.c
> @@ -74,6 +74,10 @@ static int call_sbin_request_key(struct key_construction *cons,
>
>        kenter("{%d},{%d},%s", key->serial, authkey->serial, op);
>
> +       ret = install_user_keyrings(tsk);
> +       if (ret < 0)
> +               goto error_alloc;
> +
>        /* allocate a new session keyring */
>        sprintf(desc, "_req.%u", key->serial);
>
>
>
> --
> Rutger Nijlunsing ---------------------------------- eludias ed dse.nl
> never attribute to a conspiracy which can be explained by incompetence
> ----------------------------------------------------------------------
>



-- 
Thanks,

Steve

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: OOPS in request_key.c bisected (and then refound)
  2008-08-18  1:18 ` OOPS in request_key.c bisected (and then refound) Steve French
@ 2008-10-28 13:33   ` Pascal Terjan
  2008-10-28 14:28   ` David Howells
  1 sibling, 0 replies; 3+ messages in thread
From: Pascal Terjan @ 2008-10-28 13:33 UTC (permalink / raw)
  To: David Howells; +Cc: Rutger Nijlunsing, LKML, stable, Steve French

This patch was confirmed by a user here to fix the oops (happened while
using mount.cifs with kerberos).
Is there a reason not to merge it (and into stable too) ?

Le dimanche 17 août 2008 à 20:18 -0500, Steve French a écrit :
> Copying lkml on this additional feedback on the patch to fix the oops
> introduced in April by the keyctl subsystem
> 
> On Sun, Aug 17, 2008 at 2:45 PM, Rutger Nijlunsing
> <rutger.nijlunsing@gmail.com> wrote:
> > When trying to mount an CIFS share with SPGENO on Debian, I got
> > nothing. Digging deeping revealing on OOPS at function
> > call_sbin_request_key+0x166/0x255in 2.6.27 which was not there in
> > 2.6.25. Bisecting this with the simplest command generating the OOPS,
> > which was taken from 'man keyctl':
> >
> >    keyctl request2 user debug:yyyy spoon
> >
> > took about 4 hours on the evolutionary dead-end Pentium 4 and returned
> > commit:
> >
> > commit 69664cf16af4f31cd54d77948a4baf9c7e0ca7b9
> > Author: David Howells <dhowells@redhat.com>
> > Date:   Tue Apr 29 01:01:31 2008 -0700
> >
> >    keys: don't generate user and user session keyrings unless they're accessed
> >
> > ...as the culprit.
> >
> > Googling for this revealed that this OOPS had been reported before in
> > May, that a patch was written, tested and considered OK:
> > http://lists.samba.org/archive/linux-cifs-client/2008-May/003001.html
> >
> > Applying this patch is still the right thing to do since it made the
> > OOPS disappear. Hopefully this will solve my SPNEGO problems, but
> > that's a second concern. Here is the patch again, together with
> > additional Tested-bys:
> >
> > ---
> > KEYS: Make request key instantiate the per-user keyrings
> >
> > Make request_key() instantiate the per-user keyrings so that it doesn't oops
> > if it needs to get hold of the user session keyring because there isn't a
> > session keyring in place.
> >
> > Signed-off-by: David Howells <dhowells@redhat.com>
> > Tested-by: Steve French <smfrench@gmail.com>
> > Tested-by: Rutger Nijlunsing <rutger.nijlunsing@gmail.com>
> > ---
> >
> >  security/keys/internal.h     |    1 +
> >  security/keys/process_keys.c |    2 +-
> >  security/keys/request_key.c  |    4 ++++
> >  3 files changed, 6 insertions(+), 1 deletions(-)
> >
> >
> > diff --git a/security/keys/internal.h b/security/keys/internal.h
> > index 8c05587..2bdfacc 100644
> > --- a/security/keys/internal.h
> > +++ b/security/keys/internal.h
> > @@ -108,6 +108,7 @@ extern key_ref_t search_process_keyrings(struct key_type *type,
> >
> >  extern struct key *find_keyring_by_name(const char *name, bool skip_perm_check);
> >
> > +extern int install_user_keyrings(struct task_struct *tsk);
> >  extern int install_thread_keyring(struct task_struct *tsk);
> >  extern int install_process_keyring(struct task_struct *tsk);
> >
> > diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
> > index 5be6d01..45b240a 100644
> > --- a/security/keys/process_keys.c
> > +++ b/security/keys/process_keys.c
> > @@ -40,7 +40,7 @@ struct key_user root_key_user = {
> >  /*
> >  * install user and user session keyrings for a particular UID
> >  */
> > -static int install_user_keyrings(struct task_struct *tsk)
> > +int install_user_keyrings(struct task_struct *tsk)
> >  {
> >        struct user_struct *user = tsk->user;
> >        struct key *uid_keyring, *session_keyring;
> > diff --git a/security/keys/request_key.c b/security/keys/request_key.c
> > index ba32ca6..abea08f 100644
> > --- a/security/keys/request_key.c
> > +++ b/security/keys/request_key.c
> > @@ -74,6 +74,10 @@ static int call_sbin_request_key(struct key_construction *cons,
> >
> >        kenter("{%d},{%d},%s", key->serial, authkey->serial, op);
> >
> > +       ret = install_user_keyrings(tsk);
> > +       if (ret < 0)
> > +               goto error_alloc;
> > +
> >        /* allocate a new session keyring */
> >        sprintf(desc, "_req.%u", key->serial);
> >
> >
> >
> > --
> > Rutger Nijlunsing ---------------------------------- eludias ed dse.nl
> > never attribute to a conspiracy which can be explained by incompetence
> > ----------------------------------------------------------------------



^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: OOPS in request_key.c bisected (and then refound)
  2008-08-18  1:18 ` OOPS in request_key.c bisected (and then refound) Steve French
  2008-10-28 13:33   ` Pascal Terjan
@ 2008-10-28 14:28   ` David Howells
  1 sibling, 0 replies; 3+ messages in thread
From: David Howells @ 2008-10-28 14:28 UTC (permalink / raw)
  To: Pascal Terjan; +Cc: dhowells, Rutger Nijlunsing, LKML, stable, Steve French

Pascal Terjan <pterjan@mandriva.com> wrote:

> This patch was confirmed by a user here to fix the oops (happened while
> using mount.cifs with kerberos).
> Is there a reason not to merge it (and into stable too) ?

I thought it was upstream, but I think I must've been looking at the wrong
GIT tree.  I'll push it now.

David

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2008-10-28 14:29 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <20080817194532.GB15440@nospam.com>
2008-08-18  1:18 ` OOPS in request_key.c bisected (and then refound) Steve French
2008-10-28 13:33   ` Pascal Terjan
2008-10-28 14:28   ` David Howells

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).