From: David Howells <dhowells@redhat.com>
To: torvalds@osdl.org
Cc: akpm@linux-foundation.org, pterjan@mandriva.com,
stable@kernel.org, jlayton@redhat.com,
linux-kernel@vger.kernel.org, David Howells <dhowells@redhat.com>
Subject: [PATCH] KEYS: Make request key instantiate the per-user keyrings
Date: Mon, 10 Nov 2008 19:00:05 +0000 [thread overview]
Message-ID: <372.1226343605@redhat.com> (raw)
Make request_key() instantiate the per-user keyrings so that it doesn't oops
if it needs to get hold of the user session keyring because there isn't a
session keyring in place.
Signed-off-by: David Howells <dhowells@redhat.com>
Tested-by: Steve French <smfrench@gmail.com>
Tested-by: Rutger Nijlunsing <rutger.nijlunsing@gmail.com>
---
security/keys/internal.h | 1 +
security/keys/process_keys.c | 2 +-
security/keys/request_key.c | 4 ++++
3 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/security/keys/internal.h b/security/keys/internal.h
index b39f5c2..239098f 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -107,6 +107,7 @@ extern key_ref_t search_process_keyrings(struct key_type *type,
extern struct key *find_keyring_by_name(const char *name, bool skip_perm_check);
+extern int install_user_keyrings(struct task_struct *tsk);
extern int install_thread_keyring(struct task_struct *tsk);
extern int install_process_keyring(struct task_struct *tsk);
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index 5be6d01..45b240a 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -40,7 +40,7 @@ struct key_user root_key_user = {
/*
* install user and user session keyrings for a particular UID
*/
-static int install_user_keyrings(struct task_struct *tsk)
+int install_user_keyrings(struct task_struct *tsk)
{
struct user_struct *user = tsk->user;
struct key *uid_keyring, *session_keyring;
diff --git a/security/keys/request_key.c b/security/keys/request_key.c
index ba32ca6..abea08f 100644
--- a/security/keys/request_key.c
+++ b/security/keys/request_key.c
@@ -74,6 +74,10 @@ static int call_sbin_request_key(struct key_construction *cons,
kenter("{%d},{%d},%s", key->serial, authkey->serial, op);
+ ret = install_user_keyrings(tsk);
+ if (ret < 0)
+ goto error_alloc;
+
/* allocate a new session keyring */
sprintf(desc, "_req.%u", key->serial);
next reply other threads:[~2008-11-10 19:00 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-11-10 19:00 David Howells [this message]
-- strict thread matches above, loose matches on Subject: below --
2008-10-28 14:32 [PATCH] KEYS: Make request key instantiate the per-user keyrings David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=372.1226343605@redhat.com \
--to=dhowells@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=jlayton@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=pterjan@mandriva.com \
--cc=stable@kernel.org \
--cc=torvalds@osdl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.