Hello,
Syzkaller has triggered a kernel BUG when fuzzing a 4.4 kernel with the following stacktrace.

Call Trace:
 [<ffffffff818568d5>] construct_alloc_key security/keys/request_key.c:388 [inline]
 [<ffffffff818568d5>] construct_key_and_link security/keys/request_key.c:479 [inline]
 [<ffffffff818568d5>] request_key_and_link+0x49b/0x8c5 security/keys/request_key.c:594
 [<ffffffff8184fb08>] SYSC_request_key security/keys/keyctl.c:213 [inline]
 [<ffffffff8184fb08>] SyS_request_key+0x1ac/0x2a2 security/keys/keyctl.c:158
 [<ffffffff832bec3a>] entry_SYSCALL_64_fastpath+0x31/0xb3
Could the following patches be applied to v4.4.y?

 * 4aa68e07d845 ("KEYS: restrict /proc/keys by credentials at open time")
 * ede0fa98a900 ("KEYS: always initialize keyring_index_key::desc_len")
Note: queue-4.4 currently has a backport for "keys-always-initialize-keyring_index_key-desc_len.patch".
This request is to apply the two patches above to 4.4.y instead of just one, as the first patch is a bugfix as well. They apply cleanly if applied one after the other.
Tests:

 * Chrome OS tryjob
 * Syzkaller reproducer
 * Test to check if 4aa68e07d845 works as intended
Thanks,
- Zubin