[0/1,Focal,linux-azure] Azure: keys: Do not cache key in task struct if key is requested from kernel thread

Message ID 20230426171922.896150-1-tim.gardner@canonical.com

Message

Tim Gardner April 26, 2023, 5:19 p.m. UTC
BugLink: https://bugs.launchpad.net/bugs/2017801

SRU Justification

[Impact]

The key which gets cached in the task structure from a kernel thread does not
get invalidated even after expiry. As a result, a new key request from a
kernel thread will be served with the cached key if it's present in the task
struct, irrespective of the key's validity.

[Fix]

commit 47f9e4c924025c5be87959d3335e66fcbb7f6b5c ('keys: Do not cache key in task
struct if key is requested from kernel thread')
Fixes: 7743c48e54ee ("keys: Cache result of request_key*() temporarily in task_struct")

[Regression potential]

DNS keys used by CIFS could get confused.

[Other Info]

Though this commit is part of stable updates v5.4.240, MSFT has requested that
it be applied in advance since Focal is only up to v5.4.233. Linux-azure 5.4
is the only kernel that does not have this patch.

SF: #00359129
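
An added example, not part of the original message or of the kernel source: a userspace C model of the caching behaviour described under [Impact] and of the upstream fix's approach of skipping the cache for kernel threads. All type and function names are hypothetical, and the model assumes the per-task cache is cleared only when a task returns to userspace, which a kernel thread never does.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Userspace model only: these types mimic, but are not, the kernel's. */
struct key  { const char *desc; long expiry; };     /* expiry in model seconds */
struct task { bool kthread; struct key *cached; };  /* stands in for task_struct */

static struct key keyring[4];  /* constructed backing store */
static int nkeys;

/* Slow path: find an unexpired key, or "upcall" to create a fresh one. */
static struct key *lookup_or_create(const char *desc, long now)
{
    for (int i = 0; i < nkeys; i++)
        if (!strcmp(keyring[i].desc, desc) && keyring[i].expiry > now)
            return &keyring[i];
    keyring[nkeys] = (struct key){ desc, now + 10 };
    return &keyring[nkeys++];
}

/* Assumption: the cache is dropped only on return to userspace. */
static void resume_to_user(struct task *t) { if (!t->kthread) t->cached = NULL; }

/* request_key() model; 'fixed' selects the behaviour after the patch. */
static struct key *request_key_model(struct task *t, const char *desc, long now, bool fixed)
{
    /* Fast path: a cache hit is returned without rechecking expiry. */
    if (t->cached && !strcmp(t->cached->desc, desc))
        return t->cached;
    struct key *k = lookup_or_create(desc, now);
    if (!fixed || !t->kthread)  /* the fix: never cache for kernel threads */
        t->cached = k;
    return k;
}

/* True if a request at t=20 is answered with the key that expired at t=10. */
static bool serves_expired_key(bool kthread, bool fixed)
{
    struct task t = { kthread, NULL };
    nkeys = 0;
    request_key_model(&t, "dns_resolver:host", 0, fixed);
    resume_to_user(&t);  /* no effect for a kernel thread */
    return request_key_model(&t, "dns_resolver:host", 20, fixed)->expiry <= 20;
}

int main(void)
{
    printf("kthread, unpatched: %d\n", serves_expired_key(true, false));
    printf("kthread, patched:   %d\n", serves_expired_key(true, true));
    return 0;
}
```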

Comments

John Cabaj April 26, 2023, 6:09 p.m. UTC | #1
On 4/26/23 12:19 PM, Tim Gardner wrote:
> BugLink: https://bugs.launchpad.net/bugs/2017801
> 
> SRU Justification
> 
> [Impact]
> 
> The key which gets cached in the task structure from a kernel thread does not
> get invalidated even after expiry. As a result, a new key request from a
> kernel thread will be served with the cached key if it's present in the task
> struct, irrespective of the key's validity.
> 
> [Fix]
> 
> commit 47f9e4c924025c5be87959d3335e66fcbb7f6b5c ('keys: Do not cache key in task
> struct if key is requested from kernel thread')
> Fixes: 7743c48e54ee ("keys: Cache result of request_key*() temporarily in task_struct")
> 
> [Regression potential]
> 
> DNS keys used by CIFS could get confused.
> 
> [Other Info]
> 
> Though this commit is part of stable updates v5.4.240, MSFT has requested that
> it be applied in advance since Focal is only up to v5.4.233. Linux-azure 5.4
> is the only kernel that does not have this patch.
> 
> SF: #00359129
> 
> 

Acked-by: John Cabaj <john.cabaj@canonical.com>

Tim Gardner April 26, 2023, 7:17 p.m. UTC | #2
On 4/26/23 11:19 AM, Tim Gardner wrote:
> BugLink: https://bugs.launchpad.net/bugs/2017801
> 
> SRU Justification
> 
> [Impact]
> 
> The key which gets cached in the task structure from a kernel thread does not
> get invalidated even after expiry. As a result, a new key request from a
> kernel thread will be served with the cached key if it's present in the task
> struct, irrespective of the key's validity.
> 
> [Fix]
> 
> commit 47f9e4c924025c5be87959d3335e66fcbb7f6b5c ('keys: Do not cache key in task
> struct if key is requested from kernel thread')
> Fixes: 7743c48e54ee ("keys: Cache result of request_key*() temporarily in task_struct")
> 
> [Regression potential]
> 
> DNS keys used by CIFS could get confused.
> 
> [Other Info]
> 
> Though this commit is part of stable updates v5.4.240, MSFT has requested that
> it be applied in advance since Focal is only up to v5.4.233. Linux-azure 5.4
> is the only kernel that does not have this patch.
> 
> SF: #00359129
> 
Applied to Focal linux-azure:master-next. Thanks.

-rtg