linux/security
David Howells 3ecf1b4f34 KEYS: keyctl_get_keyring_ID() should create a session keyring if create flag set
The keyctl call:

	keyctl_get_keyring_ID(KEY_SPEC_SESSION_KEYRING, 1)

should create a session keyring if the process doesn't have one of its own
because the create flag argument is set - rather than subscribing to and
returning the user-session keyring as:

	keyctl_get_keyring_ID(KEY_SPEC_SESSION_KEYRING, 0)

will do.

This can be tested by commenting out pam_keyinit in the /etc/pam.d files and
running the following program a couple of times in a row:

	#include <stdio.h>
	#include <stdlib.h>
	#include <keyutils.h>
	int main(int argc, char *argv[])
	{
		key_serial_t uk, usk, sk, nsk;
		uk  = keyctl_get_keyring_ID(KEY_SPEC_USER_KEYRING, 0);
		usk = keyctl_get_keyring_ID(KEY_SPEC_USER_SESSION_KEYRING, 0);
		sk  = keyctl_get_keyring_ID(KEY_SPEC_SESSION_KEYRING, 0);
		nsk = keyctl_get_keyring_ID(KEY_SPEC_SESSION_KEYRING, 1);
		printf("keys: %08x %08x %08x %08x\n", uk, usk, sk, nsk);
		return 0;
	}

Without this patch, I see:

	keys: 3975ddc7 119c0c66 119c0c66 119c0c66
	keys: 3975ddc7 119c0c66 119c0c66 119c0c66

With this patch, I see:

	keys: 2cb4997b 34112878 34112878 17db2ce3
	keys: 2cb4997b 34112878 34112878 39f3c73e

As can be seen, the session keyring starts off the same as the user-session
keyring each time, but with the patch a new session keyring is created when
the create flag is set.

Reported-by: Greg Wettstein <greg@enjellic.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Tested-by: Greg Wettstein <greg@enjellic.com>
Signed-off-by: James Morris <jmorris@namei.org>
2011-08-23 09:57:34 +10:00
..
apparmor Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6 2011-07-27 19:26:38 -07:00
integrity evm: add Kconfig TCG_TPM dependency 2011-08-18 12:58:12 +10:00
keys KEYS: keyctl_get_keyring_ID() should create a session keyring if create flag set 2011-08-23 09:57:34 +10:00
selinux doc: Update the email address for Paul Moore in various source files 2011-08-01 17:58:33 -07:00
smack doc: Update the email address for Paul Moore in various source files 2011-08-01 17:58:33 -07:00
tomoyo tomoyo: remove tomoyo_gc_thread()->daemonize() 2011-08-17 09:48:41 +10:00
capability.c ->permission() sanitizing: don't pass flags to ->inode_permission() 2011-07-20 01:43:26 -04:00
commoncap.c capabilities: initialize has_cap 2011-08-16 09:20:45 +10:00
device_cgroup.c security,rcu: Convert call_rcu(whitelist_item_free) to kfree_rcu() 2011-07-20 11:05:30 -07:00
inode.c convert get_sb_single() users 2010-10-29 04:16:28 -04:00
Kconfig integrity: move ima inode integrity data management 2011-07-18 12:29:38 -04:00
lsm_audit.c LSM: separate LSM_AUDIT_DATA_DENTRY from LSM_AUDIT_DATA_PATH 2011-04-25 18:14:07 -04:00
Makefile integrity: move ima inode integrity data management 2011-07-18 12:29:38 -04:00
min_addr.c mmap_min_addr check CAP_SYS_RAWIO only for write 2010-04-23 08:56:31 +10:00
security.c Merge branch 'next-evm' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/ima-2.6 into next 2011-08-09 10:31:03 +10:00