security: don't use RCU accessors for cred->session_keyring
sparse complains that a bunch of places in kernel/cred.c access cred->session_keyring without the RCU helpers required by the __rcu annotation. cred->session_keyring is written in the following places: - prepare_kernel_cred() [in a new cred struct] - keyctl_session_to_parent() [in a new cred struct] - prepare_creds [in a new cred struct, via memcpy] - install_session_keyring_to_cred() - from install_session_keyring() on new creds - from join_session_keyring() on new creds [twice] - from umh_keys_init() - from call_usermodehelper_exec_async() on new creds All of these writes are before the creds are committed; therefore, cred->session_keyring doesn't need RCU protection. Remove the __rcu annotation and fix up all existing users that use __rcu. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: James Morris <james.morris@microsoft.com>
This commit is contained in:
Jann Horn
@@ -138,7 +138,7 @@ struct cred {
|
||||
#ifdef CONFIG_KEYS
|
||||
unsigned char jit_keyring; /* default keyring to attach requested
|
||||
* keys to */
|
||||
struct key __rcu *session_keyring; /* keyring inherited over fork */
|
||||
struct key *session_keyring; /* keyring inherited over fork */
|
||||
struct key *process_keyring; /* keyring private to this process */
|
||||
struct key *thread_keyring; /* keyring private to this thread */
|
||||
struct key *request_key_auth; /* assumed request_key authority */
|
||||
|
||||
Reference in New Issue
Block a user