Sasha Levin c030f48a9d KEYS: close race between key lookup and freeing ... When a key is being garbage collected, it's key->user would get put before the ->destroy() callback is called, where the key is removed from it's respective tracking structures. This leaves a key hanging in a semi-invalid state which leaves a window open for a different task to try an access key->user. An example is find_keyring_by_name() which would dereference key->user for a key that is in the process of being garbage collected (where key->user was freed but ->destroy() wasn't called yet - so it's still present in the linked list). This would cause either a panic, or corrupt memory. Change-Id: Ic74246dc2dcc593f04f71063e3301e7356d588b7 Signed-off-by: Sasha Levin <sasha.levin@oracle.com>		2016-10-29 23:12:10 +08:00
..
apparmor	nick kvfree() from apparmor	2014-11-18 15:13:23 -08:00
integrity	security: fix ima kconfig warning	2012-02-28 11:01:15 +11:00
keys	KEYS: close race between key lookup and freeing	2016-10-29 23:12:10 +08:00
selinux	consitify do_mount() arguments	2015-07-13 11:17:52 -07:00
smack	consitify do_mount() arguments	2015-07-13 11:17:52 -07:00
tomoyo	consitify do_mount() arguments	2015-07-13 11:17:52 -07:00
yama	Yama: add PR_SET_PTRACER_ANY	2012-02-16 10:25:18 +11:00
capability.c	consitify do_mount() arguments	2015-07-13 11:17:52 -07:00
commoncap.c	Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs	2014-10-31 19:46:07 -07:00
device_cgroup.c	cgroup: remove cgroup_subsys argument from callbacks	2012-02-02 09:20:22 -08:00
inode.c	securityfs: fix object creation races	2012-01-10 10:20:35 -05:00
Kconfig	FROMLIST: security,perf: Allow further restriction of perf_event_open	2016-06-20 19:00:29 +00:00
lsm_audit.c	security: lsm_audit: add ioctl specific auditing	2015-04-20 09:42:31 -07:00
Makefile	security: Yama LSM	2012-02-10 09:18:52 +11:00
min_addr.c
security.c	consitify do_mount() arguments	2015-07-13 11:17:52 -07:00