LKML Archive on lore.kernel.org help / color / mirror / Atom feed
* Re: OOPS in request_key.c bisected (and then refound) [not found] <20080817194532.GB15440@nospam.com> @ 2008-08-18 1:18 ` Steve French 2008-10-28 13:33 ` Pascal Terjan 2008-10-28 14:28 ` David Howells 0 siblings, 2 replies; 3+ messages in thread From: Steve French @ 2008-08-18 1:18 UTC (permalink / raw) To: Rutger Nijlunsing; +Cc: LKML Copying lkml on this additional feedback on the patch to fix the oops introduced in April by the keyctl subsystem On Sun, Aug 17, 2008 at 2:45 PM, Rutger Nijlunsing <rutger.nijlunsing@gmail.com> wrote: > When trying to mount an CIFS share with SPGENO on Debian, I got > nothing. Digging deeping revealing on OOPS at function > call_sbin_request_key+0x166/0x255in 2.6.27 which was not there in > 2.6.25. Bisecting this with the simplest command generating the OOPS, > which was taken from 'man keyctl': > > keyctl request2 user debug:yyyy spoon > > took about 4 hours on the evolutionary dead-end Pentium 4 and returned > commit: > > commit 69664cf16af4f31cd54d77948a4baf9c7e0ca7b9 > Author: David Howells <dhowells@redhat.com> > Date: Tue Apr 29 01:01:31 2008 -0700 > > keys: don't generate user and user session keyrings unless they're accessed > > ...as the culprit. > > Googling for this revealed that this OOPS had been reported before in > May, that a patch was written, tested and considered OK: > http://lists.samba.org/archive/linux-cifs-client/2008-May/003001.html > > Applying this patch is still the right thing to do since it made the > OOPS disappear. Hopefully this will solve my SPNEGO problems, but > that's a second concern. Here is the patch again, together with > additional Tested-bys: > > --- > KEYS: Make request key instantiate the per-user keyrings > > Make request_key() instantiate the per-user keyrings so that it doesn't oops > if it needs to get hold of the user session keyring because there isn't a > session keyring in place. > > Signed-off-by: David Howells <dhowells@redhat.com> > Tested-by: Steve French <smfrench@gmail.com> > Tested-by: Rutger Nijlunsing <rutger.nijlunsing@gmail.com> > --- > > security/keys/internal.h | 1 + > security/keys/process_keys.c | 2 +- > security/keys/request_key.c | 4 ++++ > 3 files changed, 6 insertions(+), 1 deletions(-) > > > diff --git a/security/keys/internal.h b/security/keys/internal.h > index 8c05587..2bdfacc 100644 > --- a/security/keys/internal.h > +++ b/security/keys/internal.h > @@ -108,6 +108,7 @@ extern key_ref_t search_process_keyrings(struct key_type *type, > > extern struct key *find_keyring_by_name(const char *name, bool skip_perm_check); > > +extern int install_user_keyrings(struct task_struct *tsk); > extern int install_thread_keyring(struct task_struct *tsk); > extern int install_process_keyring(struct task_struct *tsk); > > diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c > index 5be6d01..45b240a 100644 > --- a/security/keys/process_keys.c > +++ b/security/keys/process_keys.c > @@ -40,7 +40,7 @@ struct key_user root_key_user = { > /* > * install user and user session keyrings for a particular UID > */ > -static int install_user_keyrings(struct task_struct *tsk) > +int install_user_keyrings(struct task_struct *tsk) > { > struct user_struct *user = tsk->user; > struct key *uid_keyring, *session_keyring; > diff --git a/security/keys/request_key.c b/security/keys/request_key.c > index ba32ca6..abea08f 100644 > --- a/security/keys/request_key.c > +++ b/security/keys/request_key.c > @@ -74,6 +74,10 @@ static int call_sbin_request_key(struct key_construction *cons, > > kenter("{%d},{%d},%s", key->serial, authkey->serial, op); > > + ret = install_user_keyrings(tsk); > + if (ret < 0) > + goto error_alloc; > + > /* allocate a new session keyring */ > sprintf(desc, "_req.%u", key->serial); > > > > -- > Rutger Nijlunsing ---------------------------------- eludias ed dse.nl > never attribute to a conspiracy which can be explained by incompetence > ---------------------------------------------------------------------- > -- Thanks, Steve ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: OOPS in request_key.c bisected (and then refound) 2008-08-18 1:18 ` OOPS in request_key.c bisected (and then refound) Steve French @ 2008-10-28 13:33 ` Pascal Terjan 2008-10-28 14:28 ` David Howells 1 sibling, 0 replies; 3+ messages in thread From: Pascal Terjan @ 2008-10-28 13:33 UTC (permalink / raw) To: David Howells; +Cc: Rutger Nijlunsing, LKML, stable, Steve French This patch was confirmed by a user here to fix the oops (happened while using mount.cifs with kerberos). Is there a reason not to merge it (and into stable too) ? Le dimanche 17 août 2008 à 20:18 -0500, Steve French a écrit : > Copying lkml on this additional feedback on the patch to fix the oops > introduced in April by the keyctl subsystem > > On Sun, Aug 17, 2008 at 2:45 PM, Rutger Nijlunsing > <rutger.nijlunsing@gmail.com> wrote: > > When trying to mount an CIFS share with SPGENO on Debian, I got > > nothing. Digging deeping revealing on OOPS at function > > call_sbin_request_key+0x166/0x255in 2.6.27 which was not there in > > 2.6.25. Bisecting this with the simplest command generating the OOPS, > > which was taken from 'man keyctl': > > > > keyctl request2 user debug:yyyy spoon > > > > took about 4 hours on the evolutionary dead-end Pentium 4 and returned > > commit: > > > > commit 69664cf16af4f31cd54d77948a4baf9c7e0ca7b9 > > Author: David Howells <dhowells@redhat.com> > > Date: Tue Apr 29 01:01:31 2008 -0700 > > > > keys: don't generate user and user session keyrings unless they're accessed > > > > ...as the culprit. > > > > Googling for this revealed that this OOPS had been reported before in > > May, that a patch was written, tested and considered OK: > > http://lists.samba.org/archive/linux-cifs-client/2008-May/003001.html > > > > Applying this patch is still the right thing to do since it made the > > OOPS disappear. Hopefully this will solve my SPNEGO problems, but > > that's a second concern. Here is the patch again, together with > > additional Tested-bys: > > > > --- > > KEYS: Make request key instantiate the per-user keyrings > > > > Make request_key() instantiate the per-user keyrings so that it doesn't oops > > if it needs to get hold of the user session keyring because there isn't a > > session keyring in place. > > > > Signed-off-by: David Howells <dhowells@redhat.com> > > Tested-by: Steve French <smfrench@gmail.com> > > Tested-by: Rutger Nijlunsing <rutger.nijlunsing@gmail.com> > > --- > > > > security/keys/internal.h | 1 + > > security/keys/process_keys.c | 2 +- > > security/keys/request_key.c | 4 ++++ > > 3 files changed, 6 insertions(+), 1 deletions(-) > > > > > > diff --git a/security/keys/internal.h b/security/keys/internal.h > > index 8c05587..2bdfacc 100644 > > --- a/security/keys/internal.h > > +++ b/security/keys/internal.h > > @@ -108,6 +108,7 @@ extern key_ref_t search_process_keyrings(struct key_type *type, > > > > extern struct key *find_keyring_by_name(const char *name, bool skip_perm_check); > > > > +extern int install_user_keyrings(struct task_struct *tsk); > > extern int install_thread_keyring(struct task_struct *tsk); > > extern int install_process_keyring(struct task_struct *tsk); > > > > diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c > > index 5be6d01..45b240a 100644 > > --- a/security/keys/process_keys.c > > +++ b/security/keys/process_keys.c > > @@ -40,7 +40,7 @@ struct key_user root_key_user = { > > /* > > * install user and user session keyrings for a particular UID > > */ > > -static int install_user_keyrings(struct task_struct *tsk) > > +int install_user_keyrings(struct task_struct *tsk) > > { > > struct user_struct *user = tsk->user; > > struct key *uid_keyring, *session_keyring; > > diff --git a/security/keys/request_key.c b/security/keys/request_key.c > > index ba32ca6..abea08f 100644 > > --- a/security/keys/request_key.c > > +++ b/security/keys/request_key.c > > @@ -74,6 +74,10 @@ static int call_sbin_request_key(struct key_construction *cons, > > > > kenter("{%d},{%d},%s", key->serial, authkey->serial, op); > > > > + ret = install_user_keyrings(tsk); > > + if (ret < 0) > > + goto error_alloc; > > + > > /* allocate a new session keyring */ > > sprintf(desc, "_req.%u", key->serial); > > > > > > > > -- > > Rutger Nijlunsing ---------------------------------- eludias ed dse.nl > > never attribute to a conspiracy which can be explained by incompetence > > ---------------------------------------------------------------------- ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: OOPS in request_key.c bisected (and then refound) 2008-08-18 1:18 ` OOPS in request_key.c bisected (and then refound) Steve French 2008-10-28 13:33 ` Pascal Terjan @ 2008-10-28 14:28 ` David Howells 1 sibling, 0 replies; 3+ messages in thread From: David Howells @ 2008-10-28 14:28 UTC (permalink / raw) To: Pascal Terjan; +Cc: dhowells, Rutger Nijlunsing, LKML, stable, Steve French Pascal Terjan <pterjan@mandriva.com> wrote: > This patch was confirmed by a user here to fix the oops (happened while > using mount.cifs with kerberos). > Is there a reason not to merge it (and into stable too) ? I thought it was upstream, but I think I must've been looking at the wrong GIT tree. I'll push it now. David ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2008-10-28 14:29 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <20080817194532.GB15440@nospam.com>
2008-08-18 1:18 ` OOPS in request_key.c bisected (and then refound) Steve French
2008-10-28 13:33 ` Pascal Terjan
2008-10-28 14:28 ` David Howells
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).