Bug#500279: linux-image-2.6.26-1-amd64: [PATCH]Kernel Oops on user keyring operations - Debian

This is a discussion on Bug#500279: linux-image-2.6.26-1-amd64: [PATCH]Kernel Oops on user keyring operations - Debian ; Package: linux-image-2.6.26-1-amd64 Version: 2.6.26-5 Severity: important Tags: patch On many user keyring operations including mounting cifs shares or certain keyctl commands, the kernel will oops. The attached patch was posted on the cifs-client mailing list, but never seemed to make ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Bug#500279: linux-image-2.6.26-1-amd64: [PATCH]Kernel Oops on user keyring operations

  1. Bug#500279: linux-image-2.6.26-1-amd64: [PATCH]Kernel Oops on user keyring operations

    Package: linux-image-2.6.26-1-amd64
    Version: 2.6.26-5
    Severity: important
    Tags: patch


    On many user keyring operations including mounting cifs shares or certain keyctl commands, the kernel will oops.

    The attached patch was posted on the cifs-client mailing list, but never seemed to make it upstream.
    I've sent a message to the list asking for an explaination of that but I received none after 2 days.

    I have tested the patch and operations now complete sucessfully.

    security/keys/internal.h | 1 +
    security/keys/process_keys.c | 2 +-
    security/keys/request_key.c | 4 ++++
    3 files changed, 6 insertions(+), 1 deletions(-)

    diff --git a/security/keys/internal.h b/security/keys/internal.h
    index 8c05587..2bdfacc 100644
    --- a/security/keys/internal.h
    +++ b/security/keys/internal.h
    @@ -108,6 +108,7 @@ extern key_ref_t search_process_keyrings(struct key_type *type,

    extern struct key *find_keyring_by_name(const char *name, bool skip_perm_check);

    +extern int install_user_keyrings(struct task_struct *tsk);
    extern int install_thread_keyring(struct task_struct *tsk);
    extern int install_process_keyring(struct task_struct *tsk);

    diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
    index 5be6d01..45b240a 100644
    --- a/security/keys/process_keys.c
    +++ b/security/keys/process_keys.c
    @@ -40,7 +40,7 @@ struct key_user root_key_user = {
    /*
    * install user and user session keyrings for a particular UID
    */
    -static int install_user_keyrings(struct task_struct *tsk)
    +int install_user_keyrings(struct task_struct *tsk)
    {
    struct user_struct *user = tsk->user;
    struct key *uid_keyring, *session_keyring;
    diff --git a/security/keys/request_key.c b/security/keys/request_key.c
    index ba32ca6..abea08f 100644
    --- a/security/keys/request_key.c
    +++ b/security/keys/request_key.c
    @@ -74,6 +74,10 @@ static int call_sbin_request_key(struct key_construction *cons,

    kenter("{%d},{%d},%s", key->serial, authkey->serial, op);

    + ret = install_user_keyrings(tsk);
    + if (ret < 0)
    + goto error_alloc;
    +
    /* allocate a new session keyring */
    sprintf(desc, "_req.%u", key->serial);


    -- Package-specific info:
    ** Version:
    Linux version 2.6.26-1-amd64 (Debian 2.6.26-5) (waldi@debian.org) (gcc version 4.1.3 20080623 (prerelease) (Debian 4.1.2-23)) #1 SMP Fri Sep 26 13:22:30 EDT 2008

    -- System Information:
    Debian Release: lenny/sid
    APT prefers testing
    APT policy: (500, 'testing')
    Architecture: amd64 (x86_64)

    Kernel: Linux 2.6.26-1-amd64 (SMP w/8 CPU cores)
    Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
    Shell: /bin/sh linked to /bin/bash

    Versions of packages linux-image-2.6.26-1-amd64 depends on:
    ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy
    ii initramfs-tools [linux-initra 0.92j tools for generating an initramfs
    ii module-init-tools 3.4-1 tools for managing Linux kernel mo

    linux-image-2.6.26-1-amd64 recommends no packages.

    Versions of packages linux-image-2.6.26-1-amd64 suggests:
    ii grub 0.97-47 GRand Unified Bootloader (Legacy v
    pn linux-doc-2.6.26 (no description available)

    -- debconf information:
    linux-image-2.6.26-1-amd64/postinst/create-kimage-link-2.6.26-1-amd64: true
    shared/kernel-image/really-run-bootloader: true
    linux-image-2.6.26-1-amd64/postinst/kimage-is-a-directory:
    linux-image-2.6.26-1-amd64/preinst/bootloader-initrd-2.6.26-1-amd64: true
    linux-image-2.6.26-1-amd64/postinst/old-initrd-link-2.6.26-1-amd64: true
    linux-image-2.6.26-1-amd64/preinst/initrd-2.6.26-1-amd64:
    linux-image-2.6.26-1-amd64/postinst/old-system-map-link-2.6.26-1-amd64: true
    linux-image-2.6.26-1-amd64/postinst/depmod-error-initrd-2.6.26-1-amd64: false
    linux-image-2.6.26-1-amd64/preinst/overwriting-modules-2.6.26-1-amd64: true
    linux-image-2.6.26-1-amd64/preinst/elilo-initrd-2.6.26-1-amd64: true
    linux-image-2.6.26-1-amd64/postinst/bootloader-error-2.6.26-1-amd64:
    linux-image-2.6.26-1-amd64/preinst/abort-install-2.6.26-1-amd64:
    linux-image-2.6.26-1-amd64/preinst/lilo-initrd-2.6.26-1-amd64: true
    linux-image-2.6.26-1-amd64/postinst/depmod-error-2.6.26-1-amd64: false
    linux-image-2.6.26-1-amd64/prerm/removing-running-kernel-2.6.26-1-amd64: true
    linux-image-2.6.26-1-amd64/prerm/would-invalidate-boot-loader-2.6.26-1-amd64: true
    linux-image-2.6.26-1-amd64/postinst/bootloader-test-error-2.6.26-1-amd64:
    linux-image-2.6.26-1-amd64/preinst/abort-overwrite-2.6.26-1-amd64:
    linux-image-2.6.26-1-amd64/postinst/old-dir-initrd-link-2.6.26-1-amd64: true
    linux-image-2.6.26-1-amd64/preinst/lilo-has-ramdisk:
    linux-image-2.6.26-1-amd64/preinst/failed-to-move-modules-2.6.26-1-amd64:



    --
    To UNSUBSCRIBE, email to debian-bugs-dist-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  2. Bug#500279: marked as done (linux-image-2.6.26-1-amd64: [PATCH]Kernel Oops on user keyring operations)


    Your message dated Thu, 09 Oct 2008 13:17:35 +0000
    with message-id
    and subject line Bug#500279: fixed in linux-2.6 2.6.26-8
    has caused the Debian Bug report #500279,
    regarding linux-image-2.6.26-1-amd64: [PATCH]Kernel Oops on user keyring operations
    to be marked as done.

    This means that you claim that the problem has been dealt with.
    If this is not the case it is now your responsibility to reopen the
    Bug report if necessary, and/or fix the problem forthwith.

    (NB: If you are a system administrator and have no idea what this
    message is talking about, this may indicate a serious mail system
    misconfiguration somewhere. Please contact owner@bugs.debian.org
    immediately.)


    --
    500279: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500279
    Debian Bug Tracking System
    Contact owner@bugs.debian.org with problems


+ Reply to Thread