Fix return code when adding keys (rhbz 1145318)
This commit is contained in:
Josh Boyer
parent
9dcf78723c
commit
20c23beaf6
|
|
@ -0,0 +1,45 @@
|
|||
From e6291fa2e457abd3ffc00855244bdff976b4134b Mon Sep 17 00:00:00 2001
|
||||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Tue, 16 Sep 2014 17:29:03 +0100
|
||||
Subject: [PATCH] KEYS: Reinstate EPERM for a key type name beginning with a
|
||||
'.'
|
||||
|
||||
Reinstate the generation of EPERM for a key type name beginning with a '.' in
|
||||
a userspace call. Types whose name begins with a '.' are internal only.
|
||||
|
||||
The test was removed by:
|
||||
|
||||
commit a4e3b8d79a5c6d40f4a9703abf7fe3abcc6c3b8d
|
||||
Author: Mimi Zohar <zohar@linux.vnet.ibm.com>
|
||||
Date: Thu May 22 14:02:23 2014 -0400
|
||||
Subject: KEYS: special dot prefixed keyring name bug fix
|
||||
|
||||
I think we want to keep the restriction on type name so that userspace can't
|
||||
add keys of a special internal type.
|
||||
|
||||
Note that removal of the test causes several of the tests in the keyutils
|
||||
testsuite to fail.
|
||||
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Acked-by: Vivek Goyal <vgoyal@redhat.com>
|
||||
cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
|
||||
---
|
||||
security/keys/keyctl.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
|
||||
index e26f860e5f2e..eff88a5f5d40 100644
|
||||
--- a/security/keys/keyctl.c
|
||||
+++ b/security/keys/keyctl.c
|
||||
@@ -37,6 +37,8 @@ static int key_get_type_from_user(char *type,
|
||||
return ret;
|
||||
if (ret == 0 || ret >= len)
|
||||
return -EINVAL;
|
||||
+ if (type[0] == '.')
|
||||
+ return -EPERM;
|
||||
type[len - 1] = '\0';
|
||||
return 0;
|
||||
}
|
||||
--
|
||||
1.9.3
|
||||
|
||||
|
|
@ -621,6 +621,9 @@ Patch26022: x86-efi-Delete-misleading-efi_printk-error-message.patch
|
|||
#rhbz 1123584
|
||||
Patch26028: HID-rmi-check-sanity-of-incoming-report.patch
|
||||
|
||||
#rhbz 1145318
|
||||
Patch26029: KEYS-Reinstate-EPERM-for-a-key-type-name-beginning-w.patch
|
||||
|
||||
# git clone ssh://git.fedorahosted.org/git/kernel-arm64.git, git diff master...devel
|
||||
Patch30000: kernel-arm64.patch
|
||||
|
||||
|
|
@ -1353,6 +1356,9 @@ ApplyPatch x86-efi-Delete-misleading-efi_printk-error-message.patch
|
|||
#rhbz 1123584
|
||||
ApplyPatch HID-rmi-check-sanity-of-incoming-report.patch
|
||||
|
||||
#rhbz 1145318
|
||||
ApplyPatch KEYS-Reinstate-EPERM-for-a-key-type-name-beginning-w.patch
|
||||
|
||||
%if 0%{?aarch64patches}
|
||||
ApplyPatch kernel-arm64.patch
|
||||
%ifnarch aarch64 # this is stupid, but i want to notice before secondary koji does.
|
||||
|
|
@ -2222,6 +2228,7 @@ fi
|
|||
# || ||
|
||||
%changelog
|
||||
* Tue Sep 23 2014 Josh Boyer <jwboyer@fedoraproject.org>
|
||||
- Fix return code when adding keys (rhbz 1145318)
|
||||
- Add patch to fix XPS 13 touchpad issue (rhbz 1123584)
|
||||
|
||||
* Tue Sep 23 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.17.0-0.rc6.git1.1
|
||||
|
|
|
|||
Loading…
Reference in New Issue