diff options
Diffstat (limited to 'security/keys')
| -rw-r--r-- | security/keys/key.c | 2 | ||||
| -rw-r--r-- | security/keys/permission.c | 5 | ||||
| -rw-r--r-- | security/keys/process_keys.c | 2 |
3 files changed, 5 insertions, 4 deletions
diff --git a/security/keys/key.c b/security/keys/key.c index c9bf66ac36e0..50d96d4e06f2 100644 --- a/security/keys/key.c +++ b/security/keys/key.c | |||
| @@ -253,7 +253,7 @@ struct key *key_alloc(struct key_type *type, const char *desc, | |||
| 253 | quotalen = desclen + type->def_datalen; | 253 | quotalen = desclen + type->def_datalen; |
| 254 | 254 | ||
| 255 | /* get hold of the key tracking for this user */ | 255 | /* get hold of the key tracking for this user */ |
| 256 | user = key_user_lookup(uid, cred->user->user_ns); | 256 | user = key_user_lookup(uid, cred->user_ns); |
| 257 | if (!user) | 257 | if (!user) |
| 258 | goto no_memory_1; | 258 | goto no_memory_1; |
| 259 | 259 | ||
diff --git a/security/keys/permission.c b/security/keys/permission.c index 57d96363d7f1..0b4d019e027d 100644 --- a/security/keys/permission.c +++ b/security/keys/permission.c | |||
| @@ -36,7 +36,7 @@ int key_task_permission(const key_ref_t key_ref, const struct cred *cred, | |||
| 36 | 36 | ||
| 37 | key = key_ref_to_ptr(key_ref); | 37 | key = key_ref_to_ptr(key_ref); |
| 38 | 38 | ||
| 39 | if (key->user->user_ns != cred->user->user_ns) | 39 | if (key->user->user_ns != cred->user_ns) |
| 40 | goto use_other_perms; | 40 | goto use_other_perms; |
| 41 | 41 | ||
| 42 | /* use the second 8-bits of permissions for keys the caller owns */ | 42 | /* use the second 8-bits of permissions for keys the caller owns */ |
| @@ -53,7 +53,8 @@ int key_task_permission(const key_ref_t key_ref, const struct cred *cred, | |||
| 53 | goto use_these_perms; | 53 | goto use_these_perms; |
| 54 | } | 54 | } |
| 55 | 55 | ||
| 56 | ret = groups_search(cred->group_info, key->gid); | 56 | ret = groups_search(cred->group_info, |
| 57 | make_kgid(current_user_ns(), key->gid)); | ||
| 57 | if (ret) { | 58 | if (ret) { |
| 58 | kperm = key->perm >> 8; | 59 | kperm = key->perm >> 8; |
| 59 | goto use_these_perms; | 60 | goto use_these_perms; |
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c index e137fcd7042c..d71056db7b67 100644 --- a/security/keys/process_keys.c +++ b/security/keys/process_keys.c | |||
| @@ -860,7 +860,7 @@ void key_replace_session_keyring(void) | |||
| 860 | new-> sgid = old-> sgid; | 860 | new-> sgid = old-> sgid; |
| 861 | new->fsgid = old->fsgid; | 861 | new->fsgid = old->fsgid; |
| 862 | new->user = get_uid(old->user); | 862 | new->user = get_uid(old->user); |
| 863 | new->user_ns = new->user->user_ns; | 863 | new->user_ns = get_user_ns(new->user_ns); |
| 864 | new->group_info = get_group_info(old->group_info); | 864 | new->group_info = get_group_info(old->group_info); |
| 865 | 865 | ||
| 866 | new->securebits = old->securebits; | 866 | new->securebits = old->securebits; |