Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs"

This reverts merge 0f75ef6a9cff49ff612f7ce0578bced9d0b38325 (and thus
effectively commits

   7a1ade847596 ("keys: Provide KEYCTL_GRANT_PERMISSION")
   2e12256b9a76 ("keys: Replace uid/gid/perm permissions checking with an ACL")

that the merge brought in).

It turns out that it breaks booting with an encrypted volume, and Eric
biggers reports that it also breaks the fscrypt tests [1] and loading of
in-kernel X.509 certificates [2].

The root cause of all the breakage is likely the same, but David Howells
is off email so rather than try to work it out it's getting reverted in
order to not impact the rest of the merge window.

 [1] https://lore.kernel.org/lkml/20190710011559.GA7973@sol.localdomain/
 [2] https://lore.kernel.org/lkml/20190710013225.GB7973@sol.localdomain/

Link: https://lore.kernel.org/lkml/CAHk-=wjxoeMJfeBahnWH=9zShKp2bsVy527vo3_y8HfOdhwAAw@mail.gmail.com/
Reported-by: Eric Biggers <ebiggers@kernel.org>
Cc: David Howells <dhowells@redhat.com>
Cc: James Morris <jmorris@namei.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

2 files changed, 5 insertions, 22 deletions

diff --git a/net/dns_resolver/dns_key.c b/net/dns_resolver/dns_key.c
index 6b201531b165..3e1a90669006 100644
--- a/net/dns_resolver/dns_key.c
+++ b/net/dns_resolver/dns_key.c
@@ -46,15 +46,6 @@ const struct cred *dns_resolver_cache;
 
 #define DNS_ERRORNO_OPTION      "dnserror"
 
-static struct key_acl dns_keyring_acl = {
-        .usage  = REFCOUNT_INIT(1),
-        .nr_ace = 2,
-        .aces = {
-                KEY_POSSESSOR_ACE(KEY_ACE_SEARCH | KEY_ACE_WRITE),
-                KEY_OWNER_ACE(KEY_ACE_VIEW | KEY_ACE_READ | KEY_ACE_CLEAR),
-        }
-};
-
 /*
  * Preparse instantiation data for a dns_resolver key.
  *
@@ -352,7 +343,8 @@ static int __init init_dns_resolver(void)
 
         keyring = keyring_alloc(".dns_resolver",
                                 GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred,
-                                &dns_keyring_acl,
+                                (KEY_POS_ALL & ~KEY_POS_SETATTR) |
+                                KEY_USR_VIEW | KEY_USR_READ,
                                 KEY_ALLOC_NOT_IN_QUOTA, NULL, NULL);
         if (IS_ERR(keyring)) {
                 ret = PTR_ERR(keyring);
diff --git a/net/dns_resolver/dns_query.c b/net/dns_resolver/dns_query.c
index 236baf2bfa4c..cab4e0df924f 100644
--- a/net/dns_resolver/dns_query.c
+++ b/net/dns_resolver/dns_query.c
@@ -47,16 +47,6 @@
 
 #include "internal.h"
 
-static struct key_acl dns_key_acl = {
-        .usage  = REFCOUNT_INIT(1),
-        .nr_ace = 2,
-        .possessor_viewable = true,
-        .aces = {
-                KEY_POSSESSOR_ACE(KEY_ACE_VIEW | KEY_ACE_SEARCH | KEY_ACE_READ),
-                KEY_OWNER_ACE(KEY_ACE_VIEW | KEY_ACE_INVAL),
-        }
-};
-
 /**
  * dns_query - Query the DNS
  * @net: The network namespace to operate in.
@@ -135,8 +125,7 @@ int dns_query(struct net *net,
          * add_key() to preinstall malicious redirections
          */
         saved_cred = override_creds(dns_resolver_cache);
-        rkey = request_key_net(&key_type_dns_resolver, desc, net, options,
-                               &dns_key_acl);
+        rkey = request_key_net(&key_type_dns_resolver, desc, net, options);
         revert_creds(saved_cred);
         kfree(desc);
         if (IS_ERR(rkey)) {
@@ -146,6 +135,8 @@ int dns_query(struct net *net,
 
         down_read(&rkey->sem);
         set_bit(KEY_FLAG_ROOT_CAN_INVAL, &rkey->flags);
+        rkey->perm |= KEY_USR_VIEW;
+
         ret = key_validate(rkey);
         if (ret < 0)
                 goto put;