keys: don't generate user and user session keyrings unless they're accessed

Don't generate the per-UID user and user session keyrings unless they're
explicitly accessed.  This solves a problem during a login process whereby
set*uid() is called before the SELinux PAM module, resulting in the per-UID
keyrings having the wrong security labels.

This also cures the problem of multiple per-UID keyrings sometimes appearing
due to PAM modules (including pam_keyinit) setuiding and causing user_structs
to come into and go out of existence whilst the session keyring pins the user
keyring.  This is achieved by first searching for extant per-UID keyrings
before inventing new ones.

The serial bound argument is also dropped from find_keyring_by_name() as it's
not currently made use of (setting it to 0 disables the feature).

Signed-off-by: David Howells <dhowells@redhat.com>
Cc: <kwc@citi.umich.edu>
Cc: <arunsr@cse.iitk.ac.in>
Cc: <dwalsh@redhat.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: James Morris <jmorris@namei.org>
Cc: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

1 files changed, 1 insertions, 44 deletions

diff --git a/security/keys/key.c b/security/keys/key.c
index d98c61953be6..46f125aa7fa3 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -1,6 +1,6 @@
 /* Basic authentication token and access key management
  *
- * Copyright (C) 2004-2007 Red Hat, Inc. All Rights Reserved.
+ * Copyright (C) 2004-2008 Red Hat, Inc. All Rights Reserved.
  * Written by David Howells (dhowells@redhat.com)
  *
  * This program is free software; you can redistribute it and/or
@@ -139,36 +139,6 @@ void key_user_put(struct key_user *user)
 
 /*****************************************************************************/
 /*
- * insert a key with a fixed serial number
- */
-static void __init __key_insert_serial(struct key *key)
-{
-        struct rb_node *parent, **p;
-        struct key *xkey;
-
-        parent = NULL;
-        p = &key_serial_tree.rb_node;
-
-        while (*p) {
-                parent = *p;
-                xkey = rb_entry(parent, struct key, serial_node);
-
-                if (key->serial < xkey->serial)
-                        p = &(*p)->rb_left;
-                else if (key->serial > xkey->serial)
-                        p = &(*p)->rb_right;
-                else
-                        BUG();
-        }
-
-        /* we've found a suitable hole - arrange for this key to occupy it */
-        rb_link_node(&key->serial_node, parent, p);
-        rb_insert_color(&key->serial_node, &key_serial_tree);
-
-} /* end __key_insert_serial() */
-
-/*****************************************************************************/
-/*
  * assign a key the next unique serial number
  * - these are assigned randomly to avoid security issues through covert
  *   channel problems
@@ -1020,17 +990,4 @@ void __init key_init(void)
         rb_insert_color(&root_key_user.node,
                         &key_user_tree);
 
-        /* record root's user standard keyrings */
-        key_check(&root_user_keyring);
-        key_check(&root_session_keyring);
-
-        __key_insert_serial(&root_user_keyring);
-        __key_insert_serial(&root_session_keyring);
-
-        keyring_publish_name(&root_user_keyring);
-        keyring_publish_name(&root_session_keyring);
-
-        /* link the two root keyrings together */
-        key_link(&root_session_keyring, &root_user_keyring);
-
 } /* end key_init() */