diff options
| author | David Howells <dhowells@redhat.com> | 2009-09-02 04:13:45 -0400 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2009-09-02 07:29:04 -0400 |
| commit | 5593122eec26b061cc0b6fbff32118f1aadf4a27 (patch) | |
| tree | f148b182ada54b722962607567bd5b1ace06640a /security/keys/process_keys.c | |
| parent | e0e817392b9acf2c98d3be80c233dddb1b52003d (diff) | |
KEYS: Deal with dead-type keys appropriately [try #6]
Allow keys for which the key type has been removed to be unlinked. Currently
dead-type keys can only be disposed of by completely clearing the keyrings
that point to them.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/keys/process_keys.c')
| -rw-r--r-- | security/keys/process_keys.c | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c index ed929af466d3..4739cfbb41b7 100644 --- a/security/keys/process_keys.c +++ b/security/keys/process_keys.c | |||
| @@ -487,7 +487,7 @@ static int lookup_user_key_possessed(const struct key *key, const void *target) | |||
| 487 | * - don't create special keyrings unless so requested | 487 | * - don't create special keyrings unless so requested |
| 488 | * - partially constructed keys aren't found unless requested | 488 | * - partially constructed keys aren't found unless requested |
| 489 | */ | 489 | */ |
| 490 | key_ref_t lookup_user_key(key_serial_t id, int create, int partial, | 490 | key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags, |
| 491 | key_perm_t perm) | 491 | key_perm_t perm) |
| 492 | { | 492 | { |
| 493 | struct request_key_auth *rka; | 493 | struct request_key_auth *rka; |
| @@ -503,7 +503,7 @@ try_again: | |||
| 503 | switch (id) { | 503 | switch (id) { |
| 504 | case KEY_SPEC_THREAD_KEYRING: | 504 | case KEY_SPEC_THREAD_KEYRING: |
| 505 | if (!cred->thread_keyring) { | 505 | if (!cred->thread_keyring) { |
| 506 | if (!create) | 506 | if (!(lflags & KEY_LOOKUP_CREATE)) |
| 507 | goto error; | 507 | goto error; |
| 508 | 508 | ||
| 509 | ret = install_thread_keyring(); | 509 | ret = install_thread_keyring(); |
| @@ -521,7 +521,7 @@ try_again: | |||
| 521 | 521 | ||
| 522 | case KEY_SPEC_PROCESS_KEYRING: | 522 | case KEY_SPEC_PROCESS_KEYRING: |
| 523 | if (!cred->tgcred->process_keyring) { | 523 | if (!cred->tgcred->process_keyring) { |
| 524 | if (!create) | 524 | if (!(lflags & KEY_LOOKUP_CREATE)) |
| 525 | goto error; | 525 | goto error; |
| 526 | 526 | ||
| 527 | ret = install_process_keyring(); | 527 | ret = install_process_keyring(); |
| @@ -642,7 +642,14 @@ try_again: | |||
| 642 | break; | 642 | break; |
| 643 | } | 643 | } |
| 644 | 644 | ||
| 645 | if (!partial) { | 645 | /* unlink does not use the nominated key in any way, so can skip all |
| 646 | * the permission checks as it is only concerned with the keyring */ | ||
| 647 | if (lflags & KEY_LOOKUP_FOR_UNLINK) { | ||
| 648 | ret = 0; | ||
| 649 | goto error; | ||
| 650 | } | ||
| 651 | |||
| 652 | if (!(lflags & KEY_LOOKUP_PARTIAL)) { | ||
| 646 | ret = wait_for_key_construction(key, true); | 653 | ret = wait_for_key_construction(key, true); |
| 647 | switch (ret) { | 654 | switch (ret) { |
| 648 | case -ERESTARTSYS: | 655 | case -ERESTARTSYS: |
| @@ -660,7 +667,8 @@ try_again: | |||
| 660 | } | 667 | } |
| 661 | 668 | ||
| 662 | ret = -EIO; | 669 | ret = -EIO; |
| 663 | if (!partial && !test_bit(KEY_FLAG_INSTANTIATED, &key->flags)) | 670 | if (!(lflags & KEY_LOOKUP_PARTIAL) && |
| 671 | !test_bit(KEY_FLAG_INSTANTIATED, &key->flags)) | ||
| 664 | goto invalid_key; | 672 | goto invalid_key; |
| 665 | 673 | ||
| 666 | /* check the permissions */ | 674 | /* check the permissions */ |