Andrew Morton <[EMAIL PROTECTED]> wrote:
> > + key_ref = lookup_user_key(NULL, keyid, 0, 1, KEY_VIEW);
> > + if (IS_ERR(key_ref)) {
> > + if (PTR_ERR(key_ref) != -EACCES)
> > + return PTR_ERR(key_ref);
> > +
> > + /* viewing a key under construction is also permitted if we
> > + * have the authorisation token handy */
> > + instkey = key_get_instantiation_authkey(keyid);
> > + if (IS_ERR(instkey))
> > + return PTR_ERR(key_ref);
> > + key_put(instkey);
>
> This check looks a wee bit racy?
It's not particularly racy. Admittedly there's a tiny window in which we can
retrieve the security label of a key for which we had an authorisation token
that got revoked just as we completed our access checks on it. Does this
matter?
David
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
