KEYS: Make request key instantiate the per-user keyrings

Make request_key() instantiate the per-user keyrings so that it doesn't oops
if it needs to get hold of the user session keyring because there isn't a
session keyring in place.

Signed-off-by: David Howells <dhowells@redhat.com>
Tested-by: Steve French <smfrench@gmail.com>
Tested-by: Rutger Nijlunsing <rutger.nijlunsing@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
David Howells 2008-11-10 19:00:05 +00:00 committed by Linus Torvalds
parent 3ad4f59705
commit 1f8f5cf6e4
3 changed files with 6 additions and 1 deletions

View File

@ -107,6 +107,7 @@ extern key_ref_t search_process_keyrings(struct key_type *type,
extern struct key *find_keyring_by_name(const char *name, bool skip_perm_check); extern struct key *find_keyring_by_name(const char *name, bool skip_perm_check);
extern int install_user_keyrings(struct task_struct *tsk);
extern int install_thread_keyring(struct task_struct *tsk); extern int install_thread_keyring(struct task_struct *tsk);
extern int install_process_keyring(struct task_struct *tsk); extern int install_process_keyring(struct task_struct *tsk);

View File

@ -40,7 +40,7 @@ struct key_user root_key_user = {
/* /*
* install user and user session keyrings for a particular UID * install user and user session keyrings for a particular UID
*/ */
static int install_user_keyrings(struct task_struct *tsk) int install_user_keyrings(struct task_struct *tsk)
{ {
struct user_struct *user = tsk->user; struct user_struct *user = tsk->user;
struct key *uid_keyring, *session_keyring; struct key *uid_keyring, *session_keyring;

View File

@ -74,6 +74,10 @@ static int call_sbin_request_key(struct key_construction *cons,
kenter("{%d},{%d},%s", key->serial, authkey->serial, op); kenter("{%d},{%d},%s", key->serial, authkey->serial, op);
ret = install_user_keyrings(tsk);
if (ret < 0)
goto error_alloc;
/* allocate a new session keyring */ /* allocate a new session keyring */
sprintf(desc, "_req.%u", key->serial); sprintf(desc, "_req.%u", key->serial);