Bug#877760: linux: KEYS: request_key() does not update/replace expired keys
Source: linux
Version: 3.16.7-ckt7-1
Severity: normal
Hi
In 3.16.7-ckt7-1 we applied a backport of "EYS: request_key() should
reget expired keys rather than give EKEYEXPIRED", adressing #758870,
0b0a84154eff56913e91df29de5c3a03a0029e38.
I noticed that in jessie, with still up to 3.16.43-2+deb8u5 the
following test-rocedure
,---- [ keytest.sh ]
| #!/bin/sh
| keyctl request2 user debug:dummy a @s
| keyctl timeout %user:debug:dummy 3
| keyctl show %user:debug:dummy
| sleep 4
| keyctl request2 user debug:dummy a @s
`----
still leads to:
root@jessie-amd64:~# ./keytest
542551421
Keyring
542551421 --alswrv 0 0 user: debug:dummy
request_key: Key has expired
root@jessie-amd64:~# ./keytest
request_key: Key has expired
Can't find 'user:debug:dummy'
Can't find 'user:debug:dummy'
request_key: Key has expired
root@jessie-amd64:~#
In stretch, this does not happen (with 4.9.30-2+deb9u5)
root@stretch-amd64:~# ./keytest
89439986
Keyring
89439986 --alswrv 0 0 user: debug:dummy
25490408
root@stretch-amd64:~# ./keytest
25490408
Keyring
25490408 --alswrv 0 0 user: debug:dummy
546453714
root@stretch-amd64:~#
or with 4.9.30-2+deb9u5~bpo8+1 from backports:
root@jessie-amd64:~# ./keytest
142545203
Keyring
142545203 --alswrv 0 0 user: debug:dummy
86582269
root@jessie-amd64:~# ./keytest
86582269
Keyring
86582269 --alswrv 0 0 user: debug:dummy
358240859
root@jessie-amd64:~#
Are we potentially miss any relevant needed commits between v3.16..v3.18?
(054f6180d8b5602b431b5924976c956e760488b1, "KEYS: Simplify
KEYRING_SEARCH_{NO,DO}_STATE_CHECK flags"?).
Regards,
Salvatore
Reply to: