android_kernel_samsung_msm8976

History

David Howells d587946ff0 KEYS: Don't permit request_key() to construct a new keyring If request_key() is used to find a keyring, only do the search part - don't do the construction part if the keyring was not found by the search. We don't really want keyrings in the negative instantiated state since the rejected/negative instantiation error value in the payload is unioned with keyring metadata. Now the kernel gives an error: request_key("keyring", "#selinux,bdekeyring", "keyring", KEY_SPEC_USER_SESSION_KEYRING) = -1 EPERM (Operation not permitted) Signed-off-by: David Howells <dhowells@redhat.com> CVE-2015-7872 Signed-off-by: Kevin F. Haggerty <haggertk@lineageos.org> Change-Id: I3603fec8fab929d7636d7223901f16dc8d8026cc		2020-04-20 20:13:40 +02:00
..
encrypted-keys	KEYS: Fix an error code in request_master_key()	2019-07-27 21:44:37 +02:00
Kconfig	…
Makefile	…
compat.c	…
gc.c	KEYS: Change the name of the dead type to ".dead" to prevent user access	2017-05-01 14:22:35 +00:00
internal.h	KEYS: prevent creating a different user's keyrings	2019-07-27 21:44:21 +02:00
key.c	KEYS: allow reaching the keys quotas exactly	2019-07-27 22:08:29 +02:00
keyctl.c	KEYS: fix key refcount leak in keyctl_read_key()	2019-07-27 21:45:32 +02:00
keyring.c	KEYS: prevent creating a different user's keyrings	2019-07-27 21:44:21 +02:00
permission.c	…
proc.c	Import latest Samsung release	2017-04-18 03:43:52 +02:00
process_keys.c	KEYS: put keyring if install_session_keyring_to_cred() fails	2019-07-27 21:52:38 +02:00
request_key.c	KEYS: Don't permit request_key() to construct a new keyring	2020-04-20 20:13:40 +02:00
request_key_auth.c	KEYS: don't revoke uninstantiated key in request_key_auth_new()	2019-07-27 21:45:31 +02:00
sysctl.c	…
trusted.c	KEYS: trusted: fix writing past end of buffer in trusted_read()	2019-07-27 21:45:42 +02:00
trusted.h	…
user_defined.c	KEYS: Fix handling of stored error in a negatively instantiated user key	2017-04-22 23:02:53 +02:00