diff options
| author | Serge E. Hallyn <serue@us.ibm.com> | 2009-02-26 19:27:38 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2009-02-26 20:35:06 -0500 |
| commit | 1d1e97562e5e2ac60fb7b25437ba619f95f67fab (patch) | |
| tree | 68a9c52ecbff0782dd9b9438685afc3b40b6f707 /security/keys/keyctl.c | |
| parent | be38e0fd5f90a91d09e0a85ffb294b70a7be6259 (diff) | |
keys: distinguish per-uid keys in different namespaces
per-uid keys were looked by uid only. Use the user namespace
to distinguish the same uid in different namespaces.
This does not address key_permission. So a task can for instance
try to join a keyring owned by the same uid in another namespace.
That will be handled by a separate patch.
Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Acked-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/keys/keyctl.c')
| -rw-r--r-- | security/keys/keyctl.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index b1ec3b4ee17d..7f09fb897d2b 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c | |||
| @@ -726,7 +726,7 @@ long keyctl_chown_key(key_serial_t id, uid_t uid, gid_t gid) | |||
| 726 | /* change the UID */ | 726 | /* change the UID */ |
| 727 | if (uid != (uid_t) -1 && uid != key->uid) { | 727 | if (uid != (uid_t) -1 && uid != key->uid) { |
| 728 | ret = -ENOMEM; | 728 | ret = -ENOMEM; |
| 729 | newowner = key_user_lookup(uid); | 729 | newowner = key_user_lookup(uid, current_user_ns()); |
| 730 | if (!newowner) | 730 | if (!newowner) |
| 731 | goto error_put; | 731 | goto error_put; |
| 732 | 732 | ||