| process_keys.c (8bbf4976b59fc9fc2861e79cab7beb3f6d647640) | process_keys.c (b6dff3ec5e116e3af6f537d4caedcad6b9e5082a) |
|---|---|
| 1/* Management of a process's keyrings 2 * 3 * Copyright (C) 2004-2005, 2008 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version --- 28 unchanged lines hidden (view full) --- 37}; 38 39/*****************************************************************************/ 40/* 41 * install user and user session keyrings for a particular UID 42 */ 43int install_user_keyrings(void) 44{ | 1/* Management of a process's keyrings 2 * 3 * Copyright (C) 2004-2005, 2008 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version --- 28 unchanged lines hidden (view full) --- 37}; 38 39/*****************************************************************************/ 40/* 41 * install user and user session keyrings for a particular UID 42 */ 43int install_user_keyrings(void) 44{ |
| 45 struct user_struct *user = current->user; | 45 struct user_struct *user = current->cred->user; |
| 46 struct key *uid_keyring, *session_keyring; 47 char buf[20]; 48 int ret; 49 50 kenter("%p{%u}", user, user->uid); 51 52 if (user->uid_keyring) { 53 kleave(" = 0 [exist]"); --- 97 unchanged lines hidden (view full) --- 151{ 152 struct task_struct *tsk = current; 153 struct key *keyring, *old; 154 char buf[20]; 155 int ret; 156 157 sprintf(buf, "_tid.%u", tsk->pid); 158 | 46 struct key *uid_keyring, *session_keyring; 47 char buf[20]; 48 int ret; 49 50 kenter("%p{%u}", user, user->uid); 51 52 if (user->uid_keyring) { 53 kleave(" = 0 [exist]"); --- 97 unchanged lines hidden (view full) --- 151{ 152 struct task_struct *tsk = current; 153 struct key *keyring, *old; 154 char buf[20]; 155 int ret; 156 157 sprintf(buf, "_tid.%u", tsk->pid); 158 |
| 159 keyring = keyring_alloc(buf, tsk->uid, tsk->gid, tsk, | 159 keyring = keyring_alloc(buf, tsk->cred->uid, tsk->cred->gid, tsk, |
| 160 KEY_ALLOC_QUOTA_OVERRUN, NULL); 161 if (IS_ERR(keyring)) { 162 ret = PTR_ERR(keyring); 163 goto error; 164 } 165 166 task_lock(tsk); | 160 KEY_ALLOC_QUOTA_OVERRUN, NULL); 161 if (IS_ERR(keyring)) { 162 ret = PTR_ERR(keyring); 163 goto error; 164 } 165 166 task_lock(tsk); |
| 167 old = tsk->thread_keyring; 168 tsk->thread_keyring = keyring; | 167 old = tsk->cred->thread_keyring; 168 tsk->cred->thread_keyring = keyring; |
| 169 task_unlock(tsk); 170 171 ret = 0; 172 173 key_put(old); 174error: 175 return ret; 176 --- 10 unchanged lines hidden (view full) --- 187 char buf[20]; 188 int ret; 189 190 might_sleep(); 191 192 if (!tsk->signal->process_keyring) { 193 sprintf(buf, "_pid.%u", tsk->tgid); 194 | 169 task_unlock(tsk); 170 171 ret = 0; 172 173 key_put(old); 174error: 175 return ret; 176 --- 10 unchanged lines hidden (view full) --- 187 char buf[20]; 188 int ret; 189 190 might_sleep(); 191 192 if (!tsk->signal->process_keyring) { 193 sprintf(buf, "_pid.%u", tsk->tgid); 194 |
| 195 keyring = keyring_alloc(buf, tsk->uid, tsk->gid, tsk, | 195 keyring = keyring_alloc(buf, tsk->cred->uid, tsk->cred->gid, tsk, |
| 196 KEY_ALLOC_QUOTA_OVERRUN, NULL); 197 if (IS_ERR(keyring)) { 198 ret = PTR_ERR(keyring); 199 goto error; 200 } 201 202 /* attach keyring */ 203 spin_lock_irq(&tsk->sighand->siglock); --- 29 unchanged lines hidden (view full) --- 233 /* create an empty session keyring */ 234 if (!keyring) { 235 sprintf(buf, "_ses.%u", tsk->tgid); 236 237 flags = KEY_ALLOC_QUOTA_OVERRUN; 238 if (tsk->signal->session_keyring) 239 flags = KEY_ALLOC_IN_QUOTA; 240 | 196 KEY_ALLOC_QUOTA_OVERRUN, NULL); 197 if (IS_ERR(keyring)) { 198 ret = PTR_ERR(keyring); 199 goto error; 200 } 201 202 /* attach keyring */ 203 spin_lock_irq(&tsk->sighand->siglock); --- 29 unchanged lines hidden (view full) --- 233 /* create an empty session keyring */ 234 if (!keyring) { 235 sprintf(buf, "_ses.%u", tsk->tgid); 236 237 flags = KEY_ALLOC_QUOTA_OVERRUN; 238 if (tsk->signal->session_keyring) 239 flags = KEY_ALLOC_IN_QUOTA; 240 |
| 241 keyring = keyring_alloc(buf, tsk->uid, tsk->gid, tsk, | 241 keyring = keyring_alloc(buf, tsk->cred->uid, tsk->cred->gid, tsk, |
| 242 flags, NULL); 243 if (IS_ERR(keyring)) 244 return PTR_ERR(keyring); 245 } 246 else { 247 atomic_inc(&keyring->usage); 248 } 249 --- 37 unchanged lines hidden (view full) --- 287} /* end copy_thread_group_keys() */ 288 289/*****************************************************************************/ 290/* 291 * copy the keys for fork 292 */ 293int copy_keys(unsigned long clone_flags, struct task_struct *tsk) 294{ | 242 flags, NULL); 243 if (IS_ERR(keyring)) 244 return PTR_ERR(keyring); 245 } 246 else { 247 atomic_inc(&keyring->usage); 248 } 249 --- 37 unchanged lines hidden (view full) --- 287} /* end copy_thread_group_keys() */ 288 289/*****************************************************************************/ 290/* 291 * copy the keys for fork 292 */ 293int copy_keys(unsigned long clone_flags, struct task_struct *tsk) 294{ |
| 295 key_check(tsk->thread_keyring); 296 key_check(tsk->request_key_auth); | 295 key_check(tsk->cred->thread_keyring); 296 key_check(tsk->cred->request_key_auth); |
| 297 298 /* no thread keyring yet */ | 297 298 /* no thread keyring yet */ |
| 299 tsk->thread_keyring = NULL; | 299 tsk->cred->thread_keyring = NULL; |
| 300 301 /* copy the request_key() authorisation for this thread */ | 300 301 /* copy the request_key() authorisation for this thread */ |
| 302 key_get(tsk->request_key_auth); | 302 key_get(tsk->cred->request_key_auth); |
| 303 304 return 0; 305 306} /* end copy_keys() */ 307 308/*****************************************************************************/ 309/* 310 * dispose of thread group keys upon thread group destruction --- 6 unchanged lines hidden (view full) --- 317} /* end exit_thread_group_keys() */ 318 319/*****************************************************************************/ 320/* 321 * dispose of per-thread keys upon thread exit 322 */ 323void exit_keys(struct task_struct *tsk) 324{ | 303 304 return 0; 305 306} /* end copy_keys() */ 307 308/*****************************************************************************/ 309/* 310 * dispose of thread group keys upon thread group destruction --- 6 unchanged lines hidden (view full) --- 317} /* end exit_thread_group_keys() */ 318 319/*****************************************************************************/ 320/* 321 * dispose of per-thread keys upon thread exit 322 */ 323void exit_keys(struct task_struct *tsk) 324{ |
| 325 key_put(tsk->thread_keyring); 326 key_put(tsk->request_key_auth); | 325 key_put(tsk->cred->thread_keyring); 326 key_put(tsk->cred->request_key_auth); |
| 327 328} /* end exit_keys() */ 329 330/*****************************************************************************/ 331/* 332 * deal with execve() 333 */ 334int exec_keys(struct task_struct *tsk) 335{ 336 struct key *old; 337 338 /* newly exec'd tasks don't get a thread keyring */ 339 task_lock(tsk); | 327 328} /* end exit_keys() */ 329 330/*****************************************************************************/ 331/* 332 * deal with execve() 333 */ 334int exec_keys(struct task_struct *tsk) 335{ 336 struct key *old; 337 338 /* newly exec'd tasks don't get a thread keyring */ 339 task_lock(tsk); |
| 340 old = tsk->thread_keyring; 341 tsk->thread_keyring = NULL; | 340 old = tsk->cred->thread_keyring; 341 tsk->cred->thread_keyring = NULL; |
| 342 task_unlock(tsk); 343 344 key_put(old); 345 346 /* discard the process keyring from a newly exec'd task */ 347 spin_lock_irq(&tsk->sighand->siglock); 348 old = tsk->signal->process_keyring; 349 tsk->signal->process_keyring = NULL; --- 18 unchanged lines hidden (view full) --- 368 369/*****************************************************************************/ 370/* 371 * the filesystem user ID changed 372 */ 373void key_fsuid_changed(struct task_struct *tsk) 374{ 375 /* update the ownership of the thread keyring */ | 342 task_unlock(tsk); 343 344 key_put(old); 345 346 /* discard the process keyring from a newly exec'd task */ 347 spin_lock_irq(&tsk->sighand->siglock); 348 old = tsk->signal->process_keyring; 349 tsk->signal->process_keyring = NULL; --- 18 unchanged lines hidden (view full) --- 368 369/*****************************************************************************/ 370/* 371 * the filesystem user ID changed 372 */ 373void key_fsuid_changed(struct task_struct *tsk) 374{ 375 /* update the ownership of the thread keyring */ |
| 376 if (tsk->thread_keyring) { 377 down_write(&tsk->thread_keyring->sem); 378 tsk->thread_keyring->uid = tsk->fsuid; 379 up_write(&tsk->thread_keyring->sem); | 376 BUG_ON(!tsk->cred); 377 if (tsk->cred->thread_keyring) { 378 down_write(&tsk->cred->thread_keyring->sem); 379 tsk->cred->thread_keyring->uid = tsk->cred->fsuid; 380 up_write(&tsk->cred->thread_keyring->sem); |
| 380 } 381 382} /* end key_fsuid_changed() */ 383 384/*****************************************************************************/ 385/* 386 * the filesystem group ID changed 387 */ 388void key_fsgid_changed(struct task_struct *tsk) 389{ 390 /* update the ownership of the thread keyring */ | 381 } 382 383} /* end key_fsuid_changed() */ 384 385/*****************************************************************************/ 386/* 387 * the filesystem group ID changed 388 */ 389void key_fsgid_changed(struct task_struct *tsk) 390{ 391 /* update the ownership of the thread keyring */ |
| 391 if (tsk->thread_keyring) { 392 down_write(&tsk->thread_keyring->sem); 393 tsk->thread_keyring->gid = tsk->fsgid; 394 up_write(&tsk->thread_keyring->sem); | 392 BUG_ON(!tsk->cred); 393 if (tsk->cred->thread_keyring) { 394 down_write(&tsk->cred->thread_keyring->sem); 395 tsk->cred->thread_keyring->gid = tsk->cred->fsgid; 396 up_write(&tsk->cred->thread_keyring->sem); |
| 395 } 396 397} /* end key_fsgid_changed() */ 398 399/*****************************************************************************/ 400/* 401 * search the process keyrings for the first matching key 402 * - we use the supplied match function to see if the description (or other --- 18 unchanged lines hidden (view full) --- 421 * 422 * in terms of priority: success > -ENOKEY > -EAGAIN > other error 423 */ 424 key_ref = NULL; 425 ret = NULL; 426 err = ERR_PTR(-EAGAIN); 427 428 /* search the thread keyring first */ | 397 } 398 399} /* end key_fsgid_changed() */ 400 401/*****************************************************************************/ 402/* 403 * search the process keyrings for the first matching key 404 * - we use the supplied match function to see if the description (or other --- 18 unchanged lines hidden (view full) --- 423 * 424 * in terms of priority: success > -ENOKEY > -EAGAIN > other error 425 */ 426 key_ref = NULL; 427 ret = NULL; 428 err = ERR_PTR(-EAGAIN); 429 430 /* search the thread keyring first */ |
| 429 if (context->thread_keyring) { | 431 if (context->cred->thread_keyring) { |
| 430 key_ref = keyring_search_aux( | 432 key_ref = keyring_search_aux( |
| 431 make_key_ref(context->thread_keyring, 1), | 433 make_key_ref(context->cred->thread_keyring, 1), |
| 432 context, type, description, match); 433 if (!IS_ERR(key_ref)) 434 goto found; 435 436 switch (PTR_ERR(key_ref)) { 437 case -EAGAIN: /* no key */ 438 if (ret) 439 break; --- 48 unchanged lines hidden (view full) --- 488 ret = key_ref; 489 break; 490 default: 491 err = key_ref; 492 break; 493 } 494 } 495 /* or search the user-session keyring */ | 434 context, type, description, match); 435 if (!IS_ERR(key_ref)) 436 goto found; 437 438 switch (PTR_ERR(key_ref)) { 439 case -EAGAIN: /* no key */ 440 if (ret) 441 break; --- 48 unchanged lines hidden (view full) --- 490 ret = key_ref; 491 break; 492 default: 493 err = key_ref; 494 break; 495 } 496 } 497 /* or search the user-session keyring */ |
| 496 else if (context->user->session_keyring) { | 498 else if (context->cred->user->session_keyring) { |
| 497 key_ref = keyring_search_aux( | 499 key_ref = keyring_search_aux( |
| 498 make_key_ref(context->user->session_keyring, 1), | 500 make_key_ref(context->cred->user->session_keyring, 1), |
| 499 context, type, description, match); 500 if (!IS_ERR(key_ref)) 501 goto found; 502 503 switch (PTR_ERR(key_ref)) { 504 case -EAGAIN: /* no key */ 505 if (ret) 506 break; --- 5 unchanged lines hidden (view full) --- 512 break; 513 } 514 } 515 516 /* if this process has an instantiation authorisation key, then we also 517 * search the keyrings of the process mentioned there 518 * - we don't permit access to request_key auth keys via this method 519 */ | 501 context, type, description, match); 502 if (!IS_ERR(key_ref)) 503 goto found; 504 505 switch (PTR_ERR(key_ref)) { 506 case -EAGAIN: /* no key */ 507 if (ret) 508 break; --- 5 unchanged lines hidden (view full) --- 514 break; 515 } 516 } 517 518 /* if this process has an instantiation authorisation key, then we also 519 * search the keyrings of the process mentioned there 520 * - we don't permit access to request_key auth keys via this method 521 */ |
| 520 if (context->request_key_auth && | 522 if (context->cred->request_key_auth && |
| 521 context == current && 522 type != &key_type_request_key_auth 523 ) { 524 /* defend against the auth key being revoked */ | 523 context == current && 524 type != &key_type_request_key_auth 525 ) { 526 /* defend against the auth key being revoked */ |
| 525 down_read(&context->request_key_auth->sem); | 527 down_read(&context->cred->request_key_auth->sem); |
| 526 | 528 |
| 527 if (key_validate(context->request_key_auth) == 0) { 528 rka = context->request_key_auth->payload.data; | 529 if (key_validate(context->cred->request_key_auth) == 0) { 530 rka = context->cred->request_key_auth->payload.data; |
| 529 530 key_ref = search_process_keyrings(type, description, 531 match, rka->context); 532 | 531 532 key_ref = search_process_keyrings(type, description, 533 match, rka->context); 534 |
| 533 up_read(&context->request_key_auth->sem); | 535 up_read(&context->cred->request_key_auth->sem); |
| 534 535 if (!IS_ERR(key_ref)) 536 goto found; 537 538 switch (PTR_ERR(key_ref)) { 539 case -EAGAIN: /* no key */ 540 if (ret) 541 break; 542 case -ENOKEY: /* negative key */ 543 ret = key_ref; 544 break; 545 default: 546 err = key_ref; 547 break; 548 } 549 } else { | 536 537 if (!IS_ERR(key_ref)) 538 goto found; 539 540 switch (PTR_ERR(key_ref)) { 541 case -EAGAIN: /* no key */ 542 if (ret) 543 break; 544 case -ENOKEY: /* negative key */ 545 ret = key_ref; 546 break; 547 default: 548 err = key_ref; 549 break; 550 } 551 } else { |
| 550 up_read(&context->request_key_auth->sem); | 552 up_read(&context->cred->request_key_auth->sem); |
| 551 } 552 } 553 554 /* no key - decide on the error we're going to go for */ 555 key_ref = ret ? ret : err; 556 557found: 558 return key_ref; --- 16 unchanged lines hidden (view full) --- 575 * - don't create special keyrings unless so requested 576 * - partially constructed keys aren't found unless requested 577 */ 578key_ref_t lookup_user_key(key_serial_t id, int create, int partial, 579 key_perm_t perm) 580{ 581 struct request_key_auth *rka; 582 struct task_struct *t = current; | 553 } 554 } 555 556 /* no key - decide on the error we're going to go for */ 557 key_ref = ret ? ret : err; 558 559found: 560 return key_ref; --- 16 unchanged lines hidden (view full) --- 577 * - don't create special keyrings unless so requested 578 * - partially constructed keys aren't found unless requested 579 */ 580key_ref_t lookup_user_key(key_serial_t id, int create, int partial, 581 key_perm_t perm) 582{ 583 struct request_key_auth *rka; 584 struct task_struct *t = current; |
| 583 key_ref_t key_ref, skey_ref; | 585 struct cred *cred = t->cred; |
| 584 struct key *key; | 586 struct key *key; |
| 587 key_ref_t key_ref, skey_ref; |
|
| 585 int ret; 586 587 key_ref = ERR_PTR(-ENOKEY); 588 589 switch (id) { 590 case KEY_SPEC_THREAD_KEYRING: | 588 int ret; 589 590 key_ref = ERR_PTR(-ENOKEY); 591 592 switch (id) { 593 case KEY_SPEC_THREAD_KEYRING: |
| 591 if (!t->thread_keyring) { | 594 if (!cred->thread_keyring) { |
| 592 if (!create) 593 goto error; 594 595 ret = install_thread_keyring(); 596 if (ret < 0) { 597 key = ERR_PTR(ret); 598 goto error; 599 } 600 } 601 | 595 if (!create) 596 goto error; 597 598 ret = install_thread_keyring(); 599 if (ret < 0) { 600 key = ERR_PTR(ret); 601 goto error; 602 } 603 } 604 |
| 602 key = t->thread_keyring; | 605 key = cred->thread_keyring; |
| 603 atomic_inc(&key->usage); 604 key_ref = make_key_ref(key, 1); 605 break; 606 607 case KEY_SPEC_PROCESS_KEYRING: 608 if (!t->signal->process_keyring) { 609 if (!create) 610 goto error; --- 12 unchanged lines hidden (view full) --- 623 624 case KEY_SPEC_SESSION_KEYRING: 625 if (!t->signal->session_keyring) { 626 /* always install a session keyring upon access if one 627 * doesn't exist yet */ 628 ret = install_user_keyrings(); 629 if (ret < 0) 630 goto error; | 606 atomic_inc(&key->usage); 607 key_ref = make_key_ref(key, 1); 608 break; 609 610 case KEY_SPEC_PROCESS_KEYRING: 611 if (!t->signal->process_keyring) { 612 if (!create) 613 goto error; --- 12 unchanged lines hidden (view full) --- 626 627 case KEY_SPEC_SESSION_KEYRING: 628 if (!t->signal->session_keyring) { 629 /* always install a session keyring upon access if one 630 * doesn't exist yet */ 631 ret = install_user_keyrings(); 632 if (ret < 0) 633 goto error; |
| 631 ret = install_session_keyring(t->user->session_keyring); | 634 ret = install_session_keyring( 635 cred->user->session_keyring); |
| 632 if (ret < 0) 633 goto error; 634 } 635 636 rcu_read_lock(); 637 key = rcu_dereference(t->signal->session_keyring); 638 atomic_inc(&key->usage); 639 rcu_read_unlock(); 640 key_ref = make_key_ref(key, 1); 641 break; 642 643 case KEY_SPEC_USER_KEYRING: | 636 if (ret < 0) 637 goto error; 638 } 639 640 rcu_read_lock(); 641 key = rcu_dereference(t->signal->session_keyring); 642 atomic_inc(&key->usage); 643 rcu_read_unlock(); 644 key_ref = make_key_ref(key, 1); 645 break; 646 647 case KEY_SPEC_USER_KEYRING: |
| 644 if (!t->user->uid_keyring) { | 648 if (!cred->user->uid_keyring) { |
| 645 ret = install_user_keyrings(); 646 if (ret < 0) 647 goto error; 648 } 649 | 649 ret = install_user_keyrings(); 650 if (ret < 0) 651 goto error; 652 } 653 |
| 650 key = t->user->uid_keyring; | 654 key = cred->user->uid_keyring; |
| 651 atomic_inc(&key->usage); 652 key_ref = make_key_ref(key, 1); 653 break; 654 655 case KEY_SPEC_USER_SESSION_KEYRING: | 655 atomic_inc(&key->usage); 656 key_ref = make_key_ref(key, 1); 657 break; 658 659 case KEY_SPEC_USER_SESSION_KEYRING: |
| 656 if (!t->user->session_keyring) { | 660 if (!cred->user->session_keyring) { |
| 657 ret = install_user_keyrings(); 658 if (ret < 0) 659 goto error; 660 } 661 | 661 ret = install_user_keyrings(); 662 if (ret < 0) 663 goto error; 664 } 665 |
| 662 key = t->user->session_keyring; | 666 key = cred->user->session_keyring; |
| 663 atomic_inc(&key->usage); 664 key_ref = make_key_ref(key, 1); 665 break; 666 667 case KEY_SPEC_GROUP_KEYRING: 668 /* group keyrings are not yet supported */ 669 key = ERR_PTR(-EINVAL); 670 goto error; 671 672 case KEY_SPEC_REQKEY_AUTH_KEY: | 667 atomic_inc(&key->usage); 668 key_ref = make_key_ref(key, 1); 669 break; 670 671 case KEY_SPEC_GROUP_KEYRING: 672 /* group keyrings are not yet supported */ 673 key = ERR_PTR(-EINVAL); 674 goto error; 675 676 case KEY_SPEC_REQKEY_AUTH_KEY: |
| 673 key = t->request_key_auth; | 677 key = cred->request_key_auth; |
| 674 if (!key) 675 goto error; 676 677 atomic_inc(&key->usage); 678 key_ref = make_key_ref(key, 1); 679 break; 680 681 case KEY_SPEC_REQUESTOR_KEYRING: | 678 if (!key) 679 goto error; 680 681 atomic_inc(&key->usage); 682 key_ref = make_key_ref(key, 1); 683 break; 684 685 case KEY_SPEC_REQUESTOR_KEYRING: |
| 682 if (!t->request_key_auth) | 686 if (!cred->request_key_auth) |
| 683 goto error; 684 | 687 goto error; 688 |
| 685 down_read(&t->request_key_auth->sem); 686 if (t->request_key_auth->flags & KEY_FLAG_REVOKED) { | 689 down_read(&cred->request_key_auth->sem); 690 if (cred->request_key_auth->flags & KEY_FLAG_REVOKED) { |
| 687 key_ref = ERR_PTR(-EKEYREVOKED); 688 key = NULL; 689 } else { | 691 key_ref = ERR_PTR(-EKEYREVOKED); 692 key = NULL; 693 } else { |
| 690 rka = t->request_key_auth->payload.data; | 694 rka = cred->request_key_auth->payload.data; |
| 691 key = rka->dest_keyring; 692 atomic_inc(&key->usage); 693 } | 695 key = rka->dest_keyring; 696 atomic_inc(&key->usage); 697 } |
| 694 up_read(&t->request_key_auth->sem); | 698 up_read(&cred->request_key_auth->sem); |
| 695 if (!key) 696 goto error; 697 key_ref = make_key_ref(key, 1); 698 break; 699 700 default: 701 key_ref = ERR_PTR(-EINVAL); 702 if (id < 1) --- 83 unchanged lines hidden (view full) --- 786 787 /* allow the user to join or create a named keyring */ 788 mutex_lock(&key_session_mutex); 789 790 /* look for an existing keyring of this name */ 791 keyring = find_keyring_by_name(name, false); 792 if (PTR_ERR(keyring) == -ENOKEY) { 793 /* not found - try and create a new one */ | 699 if (!key) 700 goto error; 701 key_ref = make_key_ref(key, 1); 702 break; 703 704 default: 705 key_ref = ERR_PTR(-EINVAL); 706 if (id < 1) --- 83 unchanged lines hidden (view full) --- 790 791 /* allow the user to join or create a named keyring */ 792 mutex_lock(&key_session_mutex); 793 794 /* look for an existing keyring of this name */ 795 keyring = find_keyring_by_name(name, false); 796 if (PTR_ERR(keyring) == -ENOKEY) { 797 /* not found - try and create a new one */ |
| 794 keyring = keyring_alloc(name, tsk->uid, tsk->gid, tsk, | 798 keyring = keyring_alloc(name, tsk->cred->uid, tsk->cred->gid, tsk, |
| 795 KEY_ALLOC_IN_QUOTA, NULL); 796 if (IS_ERR(keyring)) { 797 ret = PTR_ERR(keyring); 798 goto error2; 799 } 800 } 801 else if (IS_ERR(keyring)) { 802 ret = PTR_ERR(keyring); --- 17 unchanged lines hidden --- | 799 KEY_ALLOC_IN_QUOTA, NULL); 800 if (IS_ERR(keyring)) { 801 ret = PTR_ERR(keyring); 802 goto error2; 803 } 804 } 805 else if (IS_ERR(keyring)) { 806 ret = PTR_ERR(keyring); --- 17 unchanged lines hidden --- |