summaryrefslogtreecommitdiffstats
path: root/kernel/user.c
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2008-04-29 01:01:31 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2008-04-29 08:06:17 -0700
commit69664cf16af4f31cd54d77948a4baf9c7e0ca7b9 (patch)
tree3ff4ecae21c140a2beed25cfa9e55b788f9814ac /kernel/user.c
parent6b79ccb5144f9ffb4d4596c23e7570238dd12abc (diff)
downloadkernel-crypto-69664cf16af4f31cd54d77948a4baf9c7e0ca7b9.tar.gz
kernel-crypto-69664cf16af4f31cd54d77948a4baf9c7e0ca7b9.tar.xz
kernel-crypto-69664cf16af4f31cd54d77948a4baf9c7e0ca7b9.zip
keys: don't generate user and user session keyrings unless they're accessed
Don't generate the per-UID user and user session keyrings unless they're explicitly accessed. This solves a problem during a login process whereby set*uid() is called before the SELinux PAM module, resulting in the per-UID keyrings having the wrong security labels. This also cures the problem of multiple per-UID keyrings sometimes appearing due to PAM modules (including pam_keyinit) setuiding and causing user_structs to come into and go out of existence whilst the session keyring pins the user keyring. This is achieved by first searching for extant per-UID keyrings before inventing new ones. The serial bound argument is also dropped from find_keyring_by_name() as it's not currently made use of (setting it to 0 disables the feature). Signed-off-by: David Howells <dhowells@redhat.com> Cc: <kwc@citi.umich.edu> Cc: <arunsr@cse.iitk.ac.in> Cc: <dwalsh@redhat.com> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: James Morris <jmorris@namei.org> Cc: Chris Wright <chrisw@sous-sol.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'kernel/user.c')
-rw-r--r--kernel/user.c15
1 files changed, 4 insertions, 11 deletions
diff --git a/kernel/user.c b/kernel/user.c
index debce602bfd..aefbbfa3159 100644
--- a/kernel/user.c
+++ b/kernel/user.c
@@ -53,10 +53,6 @@ struct user_struct root_user = {
.files = ATOMIC_INIT(0),
.sigpending = ATOMIC_INIT(0),
.locked_shm = 0,
-#ifdef CONFIG_KEYS
- .uid_keyring = &root_user_keyring,
- .session_keyring = &root_session_keyring,
-#endif
#ifdef CONFIG_USER_SCHED
.tg = &init_task_group,
#endif
@@ -420,12 +416,12 @@ struct user_struct * alloc_uid(struct user_namespace *ns, uid_t uid)
new->mq_bytes = 0;
#endif
new->locked_shm = 0;
-
- if (alloc_uid_keyring(new, current) < 0)
- goto out_free_user;
+#ifdef CONFIG_KEYS
+ new->uid_keyring = new->session_keyring = NULL;
+#endif
if (sched_create_user(new) < 0)
- goto out_put_keys;
+ goto out_free_user;
if (uids_user_create(new))
goto out_destoy_sched;
@@ -459,9 +455,6 @@ struct user_struct * alloc_uid(struct user_namespace *ns, uid_t uid)
out_destoy_sched:
sched_destroy_user(new);
-out_put_keys:
- key_put(new->uid_keyring);
- key_put(new->session_keyring);
out_free_user:
kmem_cache_free(uid_cachep, new);
out_unlock: