diff options
author | Linus Torvalds | 2019-07-10 18:43:43 -0700 |
---|---|---|
committer | Linus Torvalds | 2019-07-10 18:43:43 -0700 |
commit | 028db3e290f15ac509084c0fc3b9d021f668f877 (patch) | |
tree | 7497244a90100f2464403063f88f83a555da03b3 /security/integrity/digsig.c | |
parent | e9a83bd2322035ed9d7dcf35753d3f984d76c6a5 (diff) |
Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs"
This reverts merge 0f75ef6a9cff49ff612f7ce0578bced9d0b38325 (and thus
effectively commits
7a1ade847596 ("keys: Provide KEYCTL_GRANT_PERMISSION")
2e12256b9a76 ("keys: Replace uid/gid/perm permissions checking with an ACL")
that the merge brought in).
It turns out that it breaks booting with an encrypted volume, and Eric
biggers reports that it also breaks the fscrypt tests [1] and loading of
in-kernel X.509 certificates [2].
The root cause of all the breakage is likely the same, but David Howells
is off email so rather than try to work it out it's getting reverted in
order to not impact the rest of the merge window.
[1] https://lore.kernel.org/lkml/20190710011559.GA7973@sol.localdomain/
[2] https://lore.kernel.org/lkml/20190710013225.GB7973@sol.localdomain/
Link: https://lore.kernel.org/lkml/CAHk-=wjxoeMJfeBahnWH=9zShKp2bsVy527vo3_y8HfOdhwAAw@mail.gmail.com/
Reported-by: Eric Biggers <ebiggers@kernel.org>
Cc: David Howells <dhowells@redhat.com>
Cc: James Morris <jmorris@namei.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security/integrity/digsig.c')
-rw-r--r-- | security/integrity/digsig.c | 31 |
1 files changed, 18 insertions, 13 deletions
diff --git a/security/integrity/digsig.c b/security/integrity/digsig.c index f9f3c8ffe786..868ade3e8970 100644 --- a/security/integrity/digsig.c +++ b/security/integrity/digsig.c @@ -47,8 +47,7 @@ int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen, if (!keyring[id]) { keyring[id] = - request_key(&key_type_keyring, keyring_name[id], - NULL, NULL); + request_key(&key_type_keyring, keyring_name[id], NULL); if (IS_ERR(keyring[id])) { int err = PTR_ERR(keyring[id]); pr_err("no %s keyring: %d\n", keyring_name[id], err); @@ -71,14 +70,14 @@ int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen, } static int __init __integrity_init_keyring(const unsigned int id, - struct key_acl *acl, + key_perm_t perm, struct key_restriction *restriction) { const struct cred *cred = current_cred(); int err = 0; keyring[id] = keyring_alloc(keyring_name[id], KUIDT_INIT(0), - KGIDT_INIT(0), cred, acl, + KGIDT_INIT(0), cred, perm, KEY_ALLOC_NOT_IN_QUOTA, restriction, NULL); if (IS_ERR(keyring[id])) { err = PTR_ERR(keyring[id]); @@ -96,7 +95,10 @@ static int __init __integrity_init_keyring(const unsigned int id, int __init integrity_init_keyring(const unsigned int id) { struct key_restriction *restriction; - struct key_acl *acl = &internal_keyring_acl; + key_perm_t perm; + + perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW + | KEY_USR_READ | KEY_USR_SEARCH; if (id == INTEGRITY_KEYRING_PLATFORM) { restriction = NULL; @@ -111,14 +113,14 @@ int __init integrity_init_keyring(const unsigned int id) return -ENOMEM; restriction->check = restrict_link_to_ima; - acl = &internal_writable_keyring_acl; + perm |= KEY_USR_WRITE; out: - return __integrity_init_keyring(id, acl, restriction); + return __integrity_init_keyring(id, perm, restriction); } -static int __init integrity_add_key(const unsigned int id, const void *data, - off_t size, struct key_acl *acl) +int __init integrity_add_key(const unsigned int id, const void *data, + off_t size, key_perm_t perm) { key_ref_t key; int rc = 0; @@ -127,7 +129,7 @@ static int __init integrity_add_key(const unsigned int id, const void *data, return -EINVAL; key = key_create_or_update(make_key_ref(keyring[id], 1), "asymmetric", - NULL, data, size, acl ?: &internal_key_acl, + NULL, data, size, perm, KEY_ALLOC_NOT_IN_QUOTA); if (IS_ERR(key)) { rc = PTR_ERR(key); @@ -147,6 +149,7 @@ int __init integrity_load_x509(const unsigned int id, const char *path) void *data; loff_t size; int rc; + key_perm_t perm; rc = kernel_read_file_from_path(path, &data, &size, 0, READING_X509_CERTIFICATE); @@ -155,19 +158,21 @@ int __init integrity_load_x509(const unsigned int id, const char *path) return rc; } + perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW | KEY_USR_READ; + pr_info("Loading X.509 certificate: %s\n", path); - rc = integrity_add_key(id, data, size, NULL); + rc = integrity_add_key(id, (const void *)data, size, perm); vfree(data); return rc; } int __init integrity_load_cert(const unsigned int id, const char *source, - const void *data, size_t len, struct key_acl *acl) + const void *data, size_t len, key_perm_t perm) { if (!data) return -EINVAL; pr_info("Loading X.509 certificate: %s\n", source); - return integrity_add_key(id, data, len, acl); + return integrity_add_key(id, data, len, perm); } |