[PATCH v8 0/2] KEYS: Read keys to internal buffer & then copy to userspace

David Miller davem at davemloft.net
Thu Mar 26 02:30:56 UTC 2020

From: Waiman Long <longman at redhat.com>
Date: Sat, 21 Mar 2020 21:11:23 -0400

> The current security key read methods are called with the key semaphore
> held.  The methods then copy out the key data to userspace which is
> subjected to page fault and may acquire the mmap semaphore. That can
> result in circular lock dependency and hence a chance to get into
> deadlock.
> To avoid such a deadlock, an internal buffer is now allocated for getting
> out the necessary data first. After releasing the key semaphore, the
> key data are then copied out to userspace sidestepping the circular
> lock dependency.
> The keyutils test suite was run and the test passed with these patchset
> applied without any falure.

Who will integrate these changes?

More information about the Linux-security-module-archive mailing list