From: Jeff Layton <jlayton@redhat.com> Date: Thu, 8 Jul 2010 14:00:26 -0400 Subject: [security] keys: new key flag for add_key from userspace Message-id: <1278597627-23193-2-git-send-email-jlayton@redhat.com> Patchwork-id: 26762 O-Subject: [RHEL5.6 PATCH 1/2] BZ#612171: keys: new key flag to indicate an add_key from userspace Bugzilla: 612171 CVE: CVE-2010-2524 RH-Acked-by: Steve Dickson <SteveD@redhat.com> RH-Acked-by: David Howells <dhowells@redhat.com> For some keys, we don't really want to allow users to stuff the keyring with values of their own choosing. Add a new key flag that indicates that an instantiation request is for an add_key() call from userspace. The instantiation routine for the key can then reject requests based on this if it needs to. Signed-off-by: Jeff Layton <jlayton@redhat.com> diff --git a/include/linux/key.h b/include/linux/key.h index 451063a..51c1bcb 100644 --- a/include/linux/key.h +++ b/include/linux/key.h @@ -150,6 +150,7 @@ struct key { #define KEY_FLAG_IN_QUOTA 3 /* set if key consumes quota */ #define KEY_FLAG_USER_CONSTRUCT 4 /* set if key is being constructed in userspace */ #define KEY_FLAG_NEGATIVE 5 /* set if key is negative */ +#define KEY_FLAG_ADDED 6 /* set if key is being added via userspace add_key */ /* the description string * - this is used to match a key against search criteria diff --git a/security/keys/key.c b/security/keys/key.c index 98f1f85..52b7b55 100644 --- a/security/keys/key.c +++ b/security/keys/key.c @@ -839,6 +839,9 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref, goto error_3; } + /* this is an unsolicited add_key() call from userspace */ + set_bit(KEY_FLAG_ADDED, &key->flags); + /* instantiate it and link it into the target keyring */ ret = __key_instantiate_and_link(key, payload, plen, keyring, NULL); if (ret < 0) {