Home
last modified time | relevance | path

Searched hist:"1260 f801" (Results 1 – 2 of 2) sorted by relevance

/openbmc/linux/security/keys/
H A Drequest_key.c1260f801 Thu Aug 04 05:50:01 CDT 2005 David Howells <dhowells@redhat.com> [PATCH] Keys: Fix key management syscall interface bugs

This fixes five bugs in the key management syscall interface:

(1) add_key() returns 0 rather than EINVAL if the key type is "".

Checking the key type isn't "" should be left to lookup_user_key().

(2) request_key() returns ENOKEY rather than EPERM if the key type begins
with a ".".

lookup_user_key() can't do this because internal key types begin with a
".".

(3) Key revocation always returns 0, even if it fails.

(4) Key read can return EAGAIN rather than EACCES under some circumstances.

A key is permitted to by read by a process if it doesn't grant read
access, but it does grant search access and it is in the process's
keyrings. That search returns EAGAIN if it fails, and this needs
translating to EACCES.

(5) request_key() never adds the new key to the destination keyring if one is
supplied.

The wrong macro was being used to test for an error condition: PTR_ERR()
will always return true, whether or not there's an error; this should've
been IS_ERR().

Signed-Off-By: David Howells <dhowells@redhat.com>
Signed-Off-By: Linus Torvalds <torvalds@osdl.org>
1260f801 Thu Aug 04 05:50:01 CDT 2005 David Howells <dhowells@redhat.com> [PATCH] Keys: Fix key management syscall interface bugs

This fixes five bugs in the key management syscall interface:

(1) add_key() returns 0 rather than EINVAL if the key type is "".

Checking the key type isn't "" should be left to lookup_user_key().

(2) request_key() returns ENOKEY rather than EPERM if the key type begins
with a ".".

lookup_user_key() can't do this because internal key types begin with a
".".

(3) Key revocation always returns 0, even if it fails.

(4) Key read can return EAGAIN rather than EACCES under some circumstances.

A key is permitted to by read by a process if it doesn't grant read
access, but it does grant search access and it is in the process's
keyrings. That search returns EAGAIN if it fails, and this needs
translating to EACCES.

(5) request_key() never adds the new key to the destination keyring if one is
supplied.

The wrong macro was being used to test for an error condition: PTR_ERR()
will always return true, whether or not there's an error; this should've
been IS_ERR().

Signed-Off-By: David Howells <dhowells@redhat.com>
Signed-Off-By: Linus Torvalds <torvalds@osdl.org>
H A Dkeyctl.c1260f801 Thu Aug 04 05:50:01 CDT 2005 David Howells <dhowells@redhat.com> [PATCH] Keys: Fix key management syscall interface bugs

This fixes five bugs in the key management syscall interface:

(1) add_key() returns 0 rather than EINVAL if the key type is "".

Checking the key type isn't "" should be left to lookup_user_key().

(2) request_key() returns ENOKEY rather than EPERM if the key type begins
with a ".".

lookup_user_key() can't do this because internal key types begin with a
".".

(3) Key revocation always returns 0, even if it fails.

(4) Key read can return EAGAIN rather than EACCES under some circumstances.

A key is permitted to by read by a process if it doesn't grant read
access, but it does grant search access and it is in the process's
keyrings. That search returns EAGAIN if it fails, and this needs
translating to EACCES.

(5) request_key() never adds the new key to the destination keyring if one is
supplied.

The wrong macro was being used to test for an error condition: PTR_ERR()
will always return true, whether or not there's an error; this should've
been IS_ERR().

Signed-Off-By: David Howells <dhowells@redhat.com>
Signed-Off-By: Linus Torvalds <torvalds@osdl.org>