From: Linus Torvalds Date: Sun, 16 Dec 2012 23:40:50 +0000 (-0800) Subject: Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris... X-Git-Tag: firefly_0821_release~3680^2~1431 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=2a74dbb9a86e8102dcd07d284135b4530a84826e;p=firefly-linux-kernel-4.4.55.git Merge branch 'for-linus' of git://git./linux/kernel/git/jmorris/linux-security Pull security subsystem updates from James Morris: "A quiet cycle for the security subsystem with just a few maintenance updates." * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: Smack: create a sysfs mount point for smackfs Smack: use select not depends in Kconfig Yama: remove locking from delete path Yama: add RCU to drop read locking drivers/char/tpm: remove tasklet and cleanup KEYS: Use keyring_alloc() to create special keyrings KEYS: Reduce initial permissions on keys KEYS: Make the session and process keyrings per-thread seccomp: Make syscall skipping and nr changes more consistent key: Fix resource leak keys: Fix unreachable code KEYS: Add payload preparsing opportunity prior to key instantiate or update --- 2a74dbb9a86e8102dcd07d284135b4530a84826e diff --cc include/linux/key.h index 2393b1c040b6,890699815212..4dfde1161c5e --- a/include/linux/key.h +++ b/include/linux/key.h @@@ -263,8 -262,9 +263,9 @@@ extern int key_link(struct key *keyring extern int key_unlink(struct key *keyring, struct key *key); -extern struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid, +extern struct key *keyring_alloc(const char *description, kuid_t uid, kgid_t gid, const struct cred *cred, + key_perm_t perm, unsigned long flags, struct key *dest); diff --cc net/dns_resolver/dns_key.c index 8aa4b1115384,b53bb4a41daa..0a69d0757795 --- a/net/dns_resolver/dns_key.c +++ b/net/dns_resolver/dns_key.c @@@ -259,11 -259,10 +259,11 @@@ static int __init init_dns_resolver(voi if (!cred) return -ENOMEM; - keyring = key_alloc(&key_type_keyring, ".dns_resolver", - GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred, - (KEY_POS_ALL & ~KEY_POS_SETATTR) | - KEY_USR_VIEW | KEY_USR_READ, - KEY_ALLOC_NOT_IN_QUOTA); - keyring = keyring_alloc(".dns_resolver", 0, 0, cred, ++ keyring = keyring_alloc(".dns_resolver", ++ GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred, + (KEY_POS_ALL & ~KEY_POS_SETATTR) | + KEY_USR_VIEW | KEY_USR_READ, + KEY_ALLOC_NOT_IN_QUOTA, NULL); if (IS_ERR(keyring)) { ret = PTR_ERR(keyring); goto failed_put_cred; diff --cc security/keys/keyctl.c index 5d34b4e827d6,6d9d0c747525..4b5c948eb414 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c @@@ -1535,9 -1527,9 +1536,9 @@@ long keyctl_session_to_parent(void goto unlock; /* the keyrings must have the same UID */ - if ((pcred->tgcred->session_keyring && - !uid_eq(pcred->tgcred->session_keyring->uid, mycred->euid)) || - !uid_eq(mycred->tgcred->session_keyring->uid, mycred->euid)) + if ((pcred->session_keyring && - pcred->session_keyring->uid != mycred->euid) || - mycred->session_keyring->uid != mycred->euid) ++ !uid_eq(pcred->session_keyring->uid, mycred->euid)) || ++ !uid_eq(mycred->session_keyring->uid, mycred->euid)) goto unlock; /* cancel an already pending keyring replacement */ diff --cc security/keys/keyring.c index 6e42df15a24c,9270ba054a1e..6ece7f2e5707 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c @@@ -256,9 -256,9 +256,9 @@@ error /* * Allocate a keyring and link into the destination keyring. */ -struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid, +struct key *keyring_alloc(const char *description, kuid_t uid, kgid_t gid, - const struct cred *cred, unsigned long flags, - struct key *dest) + const struct cred *cred, key_perm_t perm, + unsigned long flags, struct key *dest) { struct key *keyring; int ret; diff --cc security/keys/process_keys.c index 86468f385fc8,b58d93892740..58dfe0890947 --- a/security/keys/process_keys.c +++ b/security/keys/process_keys.c @@@ -45,15 -46,15 +45,17 @@@ int install_user_keyrings(void struct user_struct *user; const struct cred *cred; struct key *uid_keyring, *session_keyring; + key_perm_t user_keyring_perm; char buf[20]; int ret; + uid_t uid; + user_keyring_perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_ALL; cred = current_cred(); user = cred->user; + uid = from_kuid(cred->user_ns, user->uid); - kenter("%p{%u}", user, user->uid); + kenter("%p{%u}", user, uid); if (user->uid_keyring) { kleave(" = 0 [exist]"); @@@ -72,9 -73,9 +74,9 @@@ uid_keyring = find_keyring_by_name(buf, true); if (IS_ERR(uid_keyring)) { - uid_keyring = keyring_alloc(buf, user->uid, (gid_t) -1, + uid_keyring = keyring_alloc(buf, user->uid, INVALID_GID, - cred, KEY_ALLOC_IN_QUOTA, - NULL); + cred, user_keyring_perm, + KEY_ALLOC_IN_QUOTA, NULL); if (IS_ERR(uid_keyring)) { ret = PTR_ERR(uid_keyring); goto error; @@@ -88,8 -89,9 +90,9 @@@ session_keyring = find_keyring_by_name(buf, true); if (IS_ERR(session_keyring)) { session_keyring = - keyring_alloc(buf, user->uid, (gid_t) -1, + keyring_alloc(buf, user->uid, INVALID_GID, - cred, KEY_ALLOC_IN_QUOTA, NULL); + cred, user_keyring_perm, + KEY_ALLOC_IN_QUOTA, NULL); if (IS_ERR(session_keyring)) { ret = PTR_ERR(session_keyring); goto error_release;