• David Howells's avatar
    keys: don't generate user and user session keyrings unless they're accessed · 69664cf1
    David Howells authored
    Don't generate the per-UID user and user session keyrings unless they're
    explicitly accessed.  This solves a problem during a login process whereby
    set*uid() is called before the SELinux PAM module, resulting in the per-UID
    keyrings having the wrong security labels.
    
    This also cures the problem of multiple per-UID keyrings sometimes appearing
    due to PAM modules (including pam_keyinit) setuiding and causing user_structs
    to come into and go out of existence whilst the session keyring pins the user
    keyring.  This is achieved by first searching for extant per-UID keyrings
    before inventing new ones.
    
    The serial bound argument is also dropped from find_keyring_by_name() as it's
    not currently made use of (setting it to 0 disables the feature).
    Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
    Cc: <kwc@citi.umich.edu>
    Cc: <arunsr@cse.iitk.ac.in>
    Cc: <dwalsh@redhat.com>
    Cc: Stephen Smalley <sds@tycho.nsa.gov>
    Cc: James Morris <jmorris@namei.org>
    Cc: Chris Wright <chrisw@sous-sol.org>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    69664cf1
process_keys.c 18.4 KB