aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Documentation/keys.txt16
-rw-r--r--security/Kconfig20
-rw-r--r--security/keys/proc.c7
3 files changed, 32 insertions, 11 deletions
diff --git a/Documentation/keys.txt b/Documentation/keys.txt
index 3bbe157b45e4..70e83cf664ae 100644
--- a/Documentation/keys.txt
+++ b/Documentation/keys.txt
@@ -270,9 +270,17 @@ about the status of the key service:
270 270
271 (*) /proc/keys 271 (*) /proc/keys
272 272
273 This lists all the keys on the system, giving information about their 273 This lists the keys that are currently viewable by the task reading the
274 type, description and permissions. The payload of the key is not available 274 file, giving information about their type, description and permissions.
275 this way: 275 It is not possible to view the payload of the key this way, though some
276 information about it may be given.
277
278 The only keys included in the list are those that grant View permission to
279 the reading process whether or not it possesses them. Note that LSM
280 security checks are still performed, and may further filter out keys that
281 the current process is not authorised to view.
282
283 The contents of the file look like this:
276 284
277 SERIAL FLAGS USAGE EXPY PERM UID GID TYPE DESCRIPTION: SUMMARY 285 SERIAL FLAGS USAGE EXPY PERM UID GID TYPE DESCRIPTION: SUMMARY
278 00000001 I----- 39 perm 1f3f0000 0 0 keyring _uid_ses.0: 1/4 286 00000001 I----- 39 perm 1f3f0000 0 0 keyring _uid_ses.0: 1/4
@@ -300,7 +308,7 @@ about the status of the key service:
300 (*) /proc/key-users 308 (*) /proc/key-users
301 309
302 This file lists the tracking data for each user that has at least one key 310 This file lists the tracking data for each user that has at least one key
303 on the system. Such data includes quota information and statistics: 311 on the system. Such data includes quota information and statistics:
304 312
305 [root@andromeda root]# cat /proc/key-users 313 [root@andromeda root]# cat /proc/key-users
306 0: 46 45/45 1/100 13/10000 314 0: 46 45/45 1/100 13/10000
diff --git a/security/Kconfig b/security/Kconfig
index 34f593410d57..67785df264e5 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -22,16 +22,22 @@ config KEYS
22 If you are unsure as to whether this is required, answer N. 22 If you are unsure as to whether this is required, answer N.
23 23
24config KEYS_DEBUG_PROC_KEYS 24config KEYS_DEBUG_PROC_KEYS
25 bool "Enable the /proc/keys file by which all keys may be viewed" 25 bool "Enable the /proc/keys file by which keys may be viewed"
26 depends on KEYS 26 depends on KEYS
27 help 27 help
28 This option turns on support for the /proc/keys file through which 28 This option turns on support for the /proc/keys file - through which
29 all the keys on the system can be listed. 29 can be listed all the keys on the system that are viewable by the
30 reading process.
30 31
31 This option is a slight security risk in that it makes it possible 32 The only keys included in the list are those that grant View
32 for anyone to see all the keys on the system. Normally the manager 33 permission to the reading process whether or not it possesses them.
33 pretends keys that are inaccessible to a process don't exist as far 34 Note that LSM security checks are still performed, and may further
34 as that process is concerned. 35 filter out keys that the current process is not authorised to view.
36
37 Only key attributes are listed here; key payloads are not included in
38 the resulting table.
39
40 If you are unsure as to whether this is required, answer N.
35 41
36config SECURITY 42config SECURITY
37 bool "Enable different security models" 43 bool "Enable different security models"
diff --git a/security/keys/proc.c b/security/keys/proc.c
index 12b750e51fbf..686a9ee0c5de 100644
--- a/security/keys/proc.c
+++ b/security/keys/proc.c
@@ -137,6 +137,13 @@ static int proc_keys_show(struct seq_file *m, void *v)
137 struct timespec now; 137 struct timespec now;
138 unsigned long timo; 138 unsigned long timo;
139 char xbuf[12]; 139 char xbuf[12];
140 int rc;
141
142 /* check whether the current task is allowed to view the key (assuming
143 * non-possession) */
144 rc = key_task_permission(make_key_ref(key, 0), current, KEY_VIEW);
145 if (rc < 0)
146 return 0;
140 147
141 now = current_kernel_time(); 148 now = current_kernel_time();
142 149