merged.
Bruce
On 06/14/2017 01:09 PM, Daniel Dragomir wrote:
From: Charlie Paul <cpaul.windri...@gmail.com>
*For 3.14 standard/(preempt-rt)/axxia/base branches.
When the ltp add_key01 was run the kernel was crashing,
the list_del initializes the next pointer to LIST_POISON1.
When subsequent keyring destroy events happened, the system would
check for NULL and it would be false and try to call list_del
with the pointer pointing to LIST_POISON1 causing the
memory fault. This patch adds checking for LIST_POISON1
instead of NULL.
Signed-off-by: Charlie Paul <cpaul.windri...@gmail.com>
---
security/keys/keyring.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index 04d0d7c..57ec130 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -376,8 +376,8 @@ static void keyring_destroy(struct key *keyring)
if (keyring->description) {
write_lock(&keyring_name_lock);
- if (keyring->type_data.link.next != NULL &&
- !list_empty(&keyring->type_data.link))
+ if (keyring->type_data.link.next != LIST_POISON1 &&
+ !list_empty(&keyring->type_data.link))
list_del(&keyring->type_data.link);
write_unlock(&keyring_name_lock);
--
_______________________________________________
linux-yocto mailing list
linux-yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/linux-yocto