Commit 3ecf1b4f347210e39b156177e5b8a26ff8d00279
Committed by
James Morris
1 parent
995995378f
Exists in
master
and in
20 other branches
KEYS: keyctl_get_keyring_ID() should create a session keyring if create flag set
The keyctl call: keyctl_get_keyring_ID(KEY_SPEC_SESSION_KEYRING, 1) should create a session keyring if the process doesn't have one of its own because the create flag argument is set - rather than subscribing to and returning the user-session keyring as: keyctl_get_keyring_ID(KEY_SPEC_SESSION_KEYRING, 0) will do. This can be tested by commenting out pam_keyinit in the /etc/pam.d files and running the following program a couple of times in a row: #include <stdio.h> #include <stdlib.h> #include <keyutils.h> int main(int argc, char *argv[]) { key_serial_t uk, usk, sk, nsk; uk = keyctl_get_keyring_ID(KEY_SPEC_USER_KEYRING, 0); usk = keyctl_get_keyring_ID(KEY_SPEC_USER_SESSION_KEYRING, 0); sk = keyctl_get_keyring_ID(KEY_SPEC_SESSION_KEYRING, 0); nsk = keyctl_get_keyring_ID(KEY_SPEC_SESSION_KEYRING, 1); printf("keys: %08x %08x %08x %08x\n", uk, usk, sk, nsk); return 0; } Without this patch, I see: keys: 3975ddc7 119c0c66 119c0c66 119c0c66 keys: 3975ddc7 119c0c66 119c0c66 119c0c66 With this patch, I see: keys: 2cb4997b 34112878 34112878 17db2ce3 keys: 2cb4997b 34112878 34112878 39f3c73e As can be seen, the session keyring starts off the same as the user-session keyring each time, but with the patch a new session keyring is created when the create flag is set. Reported-by: Greg Wettstein <greg@enjellic.com> Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Greg Wettstein <greg@enjellic.com> Signed-off-by: James Morris <jmorris@namei.org>
Showing 1 changed file with 12 additions and 2 deletions Side-by-side Diff
security/keys/process_keys.c
... | ... | @@ -589,9 +589,19 @@ |
589 | 589 | ret = install_user_keyrings(); |
590 | 590 | if (ret < 0) |
591 | 591 | goto error; |
592 | - ret = install_session_keyring( | |
593 | - cred->user->session_keyring); | |
592 | + if (lflags & KEY_LOOKUP_CREATE) | |
593 | + ret = join_session_keyring(NULL); | |
594 | + else | |
595 | + ret = install_session_keyring( | |
596 | + cred->user->session_keyring); | |
594 | 597 | |
598 | + if (ret < 0) | |
599 | + goto error; | |
600 | + goto reget_creds; | |
601 | + } else if (cred->tgcred->session_keyring == | |
602 | + cred->user->session_keyring && | |
603 | + lflags & KEY_LOOKUP_CREATE) { | |
604 | + ret = join_session_keyring(NULL); | |
595 | 605 | if (ret < 0) |
596 | 606 | goto error; |
597 | 607 | goto reget_creds; |