[linux-cifs-client] Fwd: patch
keys-make-request-key-instantiate-the-per-user-keyrings.patch
added to 2.6.27-stable tree
Steve French
smfrench at gmail.com
Tue Nov 11 21:05:21 GMT 2008
This can prevent an oops when cifs is using krb5 auth
---------- Forwarded message ----------
From: <gregkh at suse.de>
Date: Tue, Nov 11, 2008 at 3:03 PM
Subject: patch keys-make-request-key-instantiate-the-per-user-keyrings.patch
added to 2.6.27-stable tree
To: dhowells at redhat.com, gregkh at suse.de, rutger.nijlunsing at gmail.com,
smfrench at gmail.com, torvalds at linux-foundation.org
Cc: stable at kernel.org, stable-commits at vger.kernel.org
This is a note to let you know that we have just queued up the patch titled
Subject: KEYS: Make request key instantiate the per-user keyrings
to the 2.6.27-stable tree. Its filename is
keys-make-request-key-instantiate-the-per-user-keyrings.patch
A git repo of this tree can be found at
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
>From 1f8f5cf6e4f038552a3e47b66085452c08556d71 Mon Sep 17 00:00:00 2001
From: David Howells <dhowells at redhat.com>
Date: Mon, 10 Nov 2008 19:00:05 +0000
Subject: KEYS: Make request key instantiate the per-user keyrings
From: David Howells <dhowells at redhat.com>
commit 1f8f5cf6e4f038552a3e47b66085452c08556d71 upstream
Make request_key() instantiate the per-user keyrings so that it doesn't oops
if it needs to get hold of the user session keyring because there isn't a
session keyring in place.
Signed-off-by: David Howells <dhowells at redhat.com>
Tested-by: Steve French <smfrench at gmail.com>
Tested-by: Rutger Nijlunsing <rutger.nijlunsing at gmail.com>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
---
security/keys/internal.h | 1 +
security/keys/process_keys.c | 2 +-
security/keys/request_key.c | 4 ++++
3 files changed, 6 insertions(+), 1 deletion(-)
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -107,6 +107,7 @@ extern key_ref_t search_process_keyrings
extern struct key *find_keyring_by_name(const char *name, bool
skip_perm_check);
+extern int install_user_keyrings(struct task_struct *tsk);
extern int install_thread_keyring(struct task_struct *tsk);
extern int install_process_keyring(struct task_struct *tsk);
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -40,7 +40,7 @@ struct key_user root_key_user = {
/*
* install user and user session keyrings for a particular UID
*/
-static int install_user_keyrings(struct task_struct *tsk)
+int install_user_keyrings(struct task_struct *tsk)
{
struct user_struct *user = tsk->user;
struct key *uid_keyring, *session_keyring;
--- a/security/keys/request_key.c
+++ b/security/keys/request_key.c
@@ -74,6 +74,10 @@ static int call_sbin_request_key(struct
kenter("{%d},{%d},%s", key->serial, authkey->serial, op);
+ ret = install_user_keyrings(tsk);
+ if (ret < 0)
+ goto error_alloc;
+
/* allocate a new session keyring */
sprintf(desc, "_req.%u", key->serial);
Patches currently in stable-queue which might be from dhowells at redhat.com are
queue-2.6.27/keys-make-request-key-instantiate-the-per-user-keyrings.patch
--
Thanks,
Steve
More information about the linux-cifs-client
mailing list