aboutsummaryrefslogtreecommitdiffstats
path: root/security/keys/keyring.c
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2006-06-26 03:24:50 -0400
committerLinus Torvalds <torvalds@g5.osdl.org>2006-06-26 12:58:18 -0400
commit7e047ef5fe2d52e83020e856b1bf2556a6a2ce98 (patch)
tree97656e2c56a27be9d1da451dde627b693b8643f2 /security/keys/keyring.c
parentf116629d03655adaf7832b93b03c99391d09d4a7 (diff)
[PATCH] keys: sort out key quota system
Add the ability for key creation to overrun the user's quota in some circumstances - notably when a session keyring is created and assigned to a process that didn't previously have one. This means it's still possible to log in, should PAM require the creation of a new session keyring, and fix an overburdened key quota. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'security/keys/keyring.c')
-rw-r--r--security/keys/keyring.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index 1357207fc9df..6c282bd937e2 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -240,7 +240,7 @@ static long keyring_read(const struct key *keyring,
240 * allocate a keyring and link into the destination keyring 240 * allocate a keyring and link into the destination keyring
241 */ 241 */
242struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid, 242struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid,
243 struct task_struct *ctx, int not_in_quota, 243 struct task_struct *ctx, unsigned long flags,
244 struct key *dest) 244 struct key *dest)
245{ 245{
246 struct key *keyring; 246 struct key *keyring;
@@ -249,7 +249,7 @@ struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid,
249 keyring = key_alloc(&key_type_keyring, description, 249 keyring = key_alloc(&key_type_keyring, description,
250 uid, gid, ctx, 250 uid, gid, ctx,
251 (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_ALL, 251 (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_ALL,
252 not_in_quota); 252 flags);
253 253
254 if (!IS_ERR(keyring)) { 254 if (!IS_ERR(keyring)) {
255 ret = key_instantiate_and_link(keyring, NULL, 0, dest, NULL); 255 ret = key_instantiate_and_link(keyring, NULL, 0, dest, NULL);