Oops (request_key_auth_describe) while running cve-2016-7042 from LTP
David Howells
dhowells at redhat.com
Sat Aug 31 00:13:03 AEST 2019
Hillf Danton <hdanton at sina.com> wrote:
> - struct request_key_auth *rka = dereference_key_rcu(key);
> + struct request_key_auth *rka;
> +
> + rcu_read_lock();
> + rka = dereference_key_rcu(key);
This shouldn't help as the caller, proc_keys_show(), is holding the RCU read
lock across the call. The end of the function reads:
if (key->type->describe)
key->type->describe(key, m);
seq_putc(m, '\n');
rcu_read_unlock();
return 0;
}
and the documentation says "This method will be called with the RCU read lock
held".
I suspect the actual bugfix is this bit:
> + if (!rka)
> + goto out;
David
More information about the Linuxppc-dev
mailing list