unimore/kernel-hacking-2024-linux-steffo
unimore/kernel-hacking-2024-linux-steffo
1
Fork 0
Code Pull requests 5 Wiki Activity
kernel-hacking-2024-linux-s.../include
History
David Howells 879669961b KEYS/DNS: Fix ____call_usermodehelper() to not lose the session keyring 
____call_usermodehelper() now erases any credentials set by the
subprocess_inf::init() function.  The problem is that commit
17f60a7da1 ("capabilites: allow the application of capability limits
to usermode helpers") creates and commits new credentials with
prepare_kernel_cred() after the call to the init() function.  This wipes
all keyrings after umh_keys_init() is called.

The best way to deal with this is to put the init() call just prior to
the commit_creds() call, and pass the cred pointer to init().  That
means that umh_keys_init() and suchlike can modify the credentials
_before_ they are published and potentially in use by the rest of the
system.

This prevents request_key() from working as it is prevented from passing
the session keyring it set up with the authorisation token to
/sbin/request-key, and so the latter can't assume the authority to
instantiate the key.  This causes the in-kernel DNS resolver to fail
with ENOKEY unconditionally.

Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Eric Paris <eparis@redhat.com>
Tested-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-06-17 09:40:48 -07:00
..
acpi Merge branches 'acpica', 'aml-custom', 'bugzilla-16548', 'bugzilla-20242', 'd3-cold', 'ec-asus' and 'thermal-fix' into release 2011-05-29 04:38:48 -04:00
asm-generic include/asm-generic/pgtable.h: fix unbalanced parenthesis 2011-06-15 20:04:00 -07:00
crypto
drm drm/radeon: workaround a hw bug on some radeon chipsets with all-0 EDIDs. 2011-06-16 16:30:54 +10:00
keys
linux KEYS/DNS: Fix ____call_usermodehelper() to not lose the session keyring 2011-06-17 09:40:48 -07:00
math-emu
media [media] v4l: Fix media_entity_to_video_device macro argument name 2011-06-01 09:42:03 -03:00
mtd
net Delay struct net freeing while there's a sysfs instance refering to it 2011-06-12 17:45:41 -04:00
pcmcia
rdma
rxrpc
scsi
sound
target
trace vmscan: implement swap token priority aging 2011-06-15 20:03:59 -07:00
video
xen
Kbuild