KEYS: Make request key instantiate the per-user keyrings
Make request_key() instantiate the per-user keyrings so that it doesn't oops if it needs to get hold of the user session keyring because there isn't a session keyring in place. Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Steve French <smfrench@gmail.com> Tested-by: Rutger Nijlunsing <rutger.nijlunsing@gmail.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
parent
3ad4f59705
commit
1f8f5cf6e4
|
@ -107,6 +107,7 @@ extern key_ref_t search_process_keyrings(struct key_type *type,
|
||||||
|
|
||||||
extern struct key *find_keyring_by_name(const char *name, bool skip_perm_check);
|
extern struct key *find_keyring_by_name(const char *name, bool skip_perm_check);
|
||||||
|
|
||||||
|
extern int install_user_keyrings(struct task_struct *tsk);
|
||||||
extern int install_thread_keyring(struct task_struct *tsk);
|
extern int install_thread_keyring(struct task_struct *tsk);
|
||||||
extern int install_process_keyring(struct task_struct *tsk);
|
extern int install_process_keyring(struct task_struct *tsk);
|
||||||
|
|
||||||
|
|
|
@ -40,7 +40,7 @@ struct key_user root_key_user = {
|
||||||
/*
|
/*
|
||||||
* install user and user session keyrings for a particular UID
|
* install user and user session keyrings for a particular UID
|
||||||
*/
|
*/
|
||||||
static int install_user_keyrings(struct task_struct *tsk)
|
int install_user_keyrings(struct task_struct *tsk)
|
||||||
{
|
{
|
||||||
struct user_struct *user = tsk->user;
|
struct user_struct *user = tsk->user;
|
||||||
struct key *uid_keyring, *session_keyring;
|
struct key *uid_keyring, *session_keyring;
|
||||||
|
|
|
@ -74,6 +74,10 @@ static int call_sbin_request_key(struct key_construction *cons,
|
||||||
|
|
||||||
kenter("{%d},{%d},%s", key->serial, authkey->serial, op);
|
kenter("{%d},{%d},%s", key->serial, authkey->serial, op);
|
||||||
|
|
||||||
|
ret = install_user_keyrings(tsk);
|
||||||
|
if (ret < 0)
|
||||||
|
goto error_alloc;
|
||||||
|
|
||||||
/* allocate a new session keyring */
|
/* allocate a new session keyring */
|
||||||
sprintf(desc, "_req.%u", key->serial);
|
sprintf(desc, "_req.%u", key->serial);
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue