Piteball
/
android_kernel_samsung_msm8976
mirror of https://github.com/team-infusion-developers/android_kernel_samsung_msm8976.git
1
1
Fork 0
Code Issues Projects Releases Wiki Activity
android_kernel_samsung_msm8976/security/keys
History
David Howells d587946ff0 KEYS: Don't permit request_key() to construct a new keyring 
If request_key() is used to find a keyring, only do the search part - don't
do the construction part if the keyring was not found by the search.  We
don't really want keyrings in the negative instantiated state since the
rejected/negative instantiation error value in the payload is unioned with
keyring metadata.

Now the kernel gives an error:

	request_key("keyring", "#selinux,bdekeyring", "keyring", KEY_SPEC_USER_SESSION_KEYRING) = -1 EPERM (Operation not permitted)

Signed-off-by: David Howells <dhowells@redhat.com>
CVE-2015-7872
Signed-off-by: Kevin F. Haggerty <haggertk@lineageos.org>

Change-Id: I3603fec8fab929d7636d7223901f16dc8d8026cc
 		2020-04-20 20:13:40 +02:00
..
encrypted-keys KEYS: Fix an error code in request_master_key() 2019-07-27 21:44:37 +02:00
Kconfig KEYS: Move the key config into security/keys/Kconfig 2012-05-11 10:56:56 +01:00
Makefile KEYS: Reorganise keys Makefile 2012-05-11 10:56:56 +01:00
compat.c Fix: compat_rw_copy_check_uvector() misuse in aio, readv, writev, and security keys 2013-03-12 11:05:45 -07:00
gc.c KEYS: Change the name of the dead type to ".dead" to prevent user access 2017-05-01 14:22:35 +00:00
internal.h KEYS: prevent creating a different user's keyrings 2019-07-27 21:44:21 +02:00
key.c KEYS: allow reaching the keys quotas exactly 2019-07-27 22:08:29 +02:00
keyctl.c KEYS: fix key refcount leak in keyctl_read_key() 2019-07-27 21:45:32 +02:00
keyring.c KEYS: prevent creating a different user's keyrings 2019-07-27 21:44:21 +02:00
permission.c userns: Convert security/keys to the new userns infrastructure 2012-09-13 18:28:02 -07:00
proc.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
process_keys.c KEYS: put keyring if install_session_keyring_to_cred() fails 2019-07-27 21:52:38 +02:00
request_key.c KEYS: Don't permit request_key() to construct a new keyring 2020-04-20 20:13:40 +02:00
request_key_auth.c KEYS: don't revoke uninstantiated key in request_key_auth_new() 2019-07-27 21:45:31 +02:00
sysctl.c
trusted.c KEYS: trusted: fix writing past end of buffer in trusted_read() 2019-07-27 21:45:42 +02:00
trusted.h trusted-keys: rename trusted_defined files to trusted 2011-01-24 10:14:22 +11:00
user_defined.c KEYS: Fix handling of stored error in a negatively instantiated user key 2017-04-22 23:02:53 +02:00