Bug 1075652 - Failures in keyutils from new testcases in keyutils testsuite
Summary: Failures in keyutils from new testcases in keyutils testsuite
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: keyutils
Version: 6.6
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: rc
: ---
Assignee: David Howells
QA Contact: Karel Srot
URL:
Whiteboard:
Keywords: TestBlocker
Depends On:
Blocks: 1075655
TreeView+ depends on / blocked
 
Reported: 2014-03-12 14:15 UTC by David Howells
Modified: 2014-10-14 08:30 UTC (History)
7 users (show)

(edit)
Clone Of:
: 1075655 (view as bug list)
(edit)
Last Closed: 2014-10-14 08:30:08 UTC


Attachments (Terms of Use)
Fix max depth of "key show" output (829 bytes, patch)
2014-03-12 16:50 UTC, David Howells
no flags Details | Diff
Give "keyctl show" a full-width key ID field (863 bytes, patch)
2014-03-12 16:51 UTC, David Howells
no flags Details | Diff
Fix the input buffer size for padd & co. (743 bytes, patch)
2014-03-12 16:52 UTC, David Howells
no flags Details | Diff
Handle NUL chars in input data to "keyctl padd" & co. (2.86 KB, patch)
2014-03-12 16:52 UTC, David Howells
no flags Details | Diff


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2014:1610 normal SHIPPED_LIVE keyutils bug fix update 2014-10-14 01:39:25 UTC

Description David Howells 2014-03-12 14:15:44 UTC
Description of problem:

The keyutils testsuite has some new tests that show up some bugs in older versions of the keyutils package.

Firstly, the keyctl/show/valid test now checks that the output follows down through a set of nested keyrings more than two deep:

http://git.kernel.org/cgit/linux/kernel/git/dhowells/keyutils.git/commit/?id=67e435c3f1810bc0902698ea4ac4a85b4aef7e4f

Secondly, the keyctl/padd/useradd test now checks the size of the payload we can submit through "keyctl add ...".

The first is fixed here:

http://git.kernel.org/cgit/linux/kernel/git/dhowells/keyutils.git/commit/?id=96bae1cc9b062f669ed4ac322807e77e12d1b8fc

and the second here:

http://git.kernel.org/cgit/linux/kernel/git/dhowells/keyutils.git/commit/?id=df5cab5362695b92896a41a86556e9dad156419d

Version-Release number of selected component (if applicable):

keyutils-1.4-3

How reproducible:


Steps to Reproduce:
1. The keyctl/show/valid failure:
Do the following:

    a=@s
    a=`keyctl newring foo $a`
    a=`keyctl newring foo $a`
    a=`keyctl newring foo $a`
    a=`keyctl newring foo $a`
    a=`keyctl newring foo $a`
    keyctl show

This should display five keyrings called 'foo' nested inside each other, with the first nested inside a keyring called '_ses'.  If it shows fewer levels, it doesn't work.

2. The keyctl/padd/useradd failure:
Do the following:

    dd if=/dev/zero bs=$((1024*1024-1)) count=1 | \
        strace -eadd_key keyctl padd user a @s

And make sure that the fourth argument to add_key() is 0xfffff.  If the command fails without calling add_key() or it truncates the buffer, then it didn't work.

Comment 2 David Howells 2014-03-12 15:41:38 UTC
http://git.kernel.org/cgit/linux/kernel/git/dhowells/keyutils.git/commit/?id=d4dea943947ffe91d3ba1fe05e84fa4c8f46fcdd

is also necessary to fix keyctl/padd/useradd.

Comment 3 David Howells 2014-03-12 16:07:26 UTC
Part of:

http://git.kernel.org/cgit/linux/kernel/git/dhowells/keyutils.git/commit/?id=c2bba5a9f8f50b22f736ec262504229a719bcfce

is also necessary to fix keyctl/show/valid.

Comment 4 David Howells 2014-03-12 16:50:34 UTC
Created attachment 873655 [details]
Fix max depth of "key show" output

Comment 5 David Howells 2014-03-12 16:51:30 UTC
Created attachment 873656 [details]
Give "keyctl show" a full-width key ID field

Comment 6 David Howells 2014-03-12 16:52:07 UTC
Created attachment 873657 [details]
Fix the input buffer size for padd & co.

Comment 7 David Howells 2014-03-12 16:52:55 UTC
Created attachment 873658 [details]
Handle NUL chars in input data to "keyctl padd" & co.

Comment 11 Jeff Moyer 2014-07-18 18:06:33 UTC
If we're pushing this out to 6.7, then we should also revert the test case additions so we don't have to weed through a ton of false positives.

Comment 20 errata-xmlrpc 2014-10-14 08:30:08 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1610.html


Note You need to log in before you can comment on or make changes to this bug.