d0709f1e66
If a request_key() call to allocate and fill out a key attempts to insert the key structure into a revoked keyring, the key will leak, using memory and part of the user's key quota until the system reboots. This is from a failure of construct_alloc_key() to decrement the key's reference count after the attempt to insert into the requested keyring is rejected. key_put() needs to be called in the link_prealloc_failed callpath to ensure the unused key is released. Signed-off-by: David Jeffery <djeffery@redhat.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <james.l.morris@oracle.com> |
||
|---|---|---|
| .. | ||
| encrypted-keys | ||
| big_key.c | ||
| compat.c | ||
| gc.c | ||
| internal.h | ||
| Kconfig | ||
| key.c | ||
| keyctl.c | ||
| keyring.c | ||
| Makefile | ||
| permission.c | ||
| persistent.c | ||
| proc.c | ||
| process_keys.c | ||
| request_key_auth.c | ||
| request_key.c | ||
| sysctl.c | ||
| trusted.c | ||
| trusted.h | ||
| user_defined.c | ||