keys: allow clients to set key perms in key_create_or_update()

The key_create_or_update() function provided by the keyring code has a default
set of permissions that are always applied to the key when created.  This
might not be desirable to all clients.

Here's a patch that adds a "perm" parameter to the function to address this,
which can be set to KEY_PERM_UNDEF to revert to the current behaviour.

Signed-off-by: Arun Raghavan <arunsr@cse.iitk.ac.in>
Signed-off-by: David Howells <dhowells@redhat.com>
Cc: Satyam Sharma <ssatyam@cse.iitk.ac.in>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

1 files changed, 2 insertions, 1 deletions

diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index 56e963b700b9..993be634a5ef 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -112,7 +112,8 @@ asmlinkage long sys_add_key(const char __user *_type,
         /* create or update the requested key and add it to the target
          * keyring */
         key_ref = key_create_or_update(keyring_ref, type, description,
-                                       payload, plen, KEY_ALLOC_IN_QUOTA);
+                                       payload, plen, KEY_PERM_UNDEF,
+                                       KEY_ALLOC_IN_QUOTA);
         if (!IS_ERR(key_ref)) {
                 ret = key_ref_to_ptr(key_ref)->serial;
                 key_ref_put(key_ref);