On Fri, 2017-11-10 at 12:49 +0100, Greg KH wrote:
> On Mon, Nov 06, 2017 at 06:06:19AM -0500, Mimi Zohar wrote:
> > Hi Greg,
> >
> > On Sun, 2017-11-05 at 15:18 +0100, gregkh@xxxxxxxxxxxxxxxxxxx wrote:
> > > The patch below does not apply to the 4.9-stable tree.
> > > If someone wants it applied there, or to any other stable or longterm
> > > tree, then please email the backport, including the original git commit
> > > id to <stable@xxxxxxxxxxxxxxx>.
> > >
> > > thanks,
> > >
> > > greg k-h
> >
> > This commit needs to prereq commit ee618b4619b7 "KEYS: trusted:
> > sanitize all key material".
>
> Thanks, that fixes the issue for 4.4 and 4.9, but not for 3.18 :(

Commit 146aa8b "KEYS: Merge the type-specific data with the payload data"
introduced the change trusted_destroy(), but it is a rather big patch.

@@ -1114,12 +1114,12 @@ static long trusted_read(const struct key *key, char __user *buffer, */ static void trusted_destroy(struct key *key) { - struct trusted_key_payload *p = key->payload.data; + struct trusted_key_payload *p = key->payload.data[0]; if (!p) return; memset(p->key, 0, p->key_len); - kfree(key->payload.data); + kfree(key->payload.data[0]); }

Perhaps David has back ported this patch already. David?

Otherwise, Eric could you create a patch that applies directly to the
stable tree linux-3.18.y?

thanks,

Mimi
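
Review bot: in trusted_destroy(), both `+` lines index `key->payload.data[0]`, a layout that exists only once 146aa8b is applied, so a linux-3.18.y backport that does not carry that merge has to keep the `key->payload.data` form in the assignment and in the kfree() call rather than take this hunk as-is. The context line `memset(p->key, 0, p->key_len);` also clears only the key field before the free; if the rest of struct trusted_key_payload holds key material, as the prerequisite commit title "sanitize all key material" suggests, freeing the whole payload with kzfree() would clear it in the same call.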