linux-toradex.git/security/keys/user_defined.c, branch v3.1.1

Merge branch 'next' into for-linus

2011-05-24T12:55:24+00:00

security,rcu: convert call_rcu(user_update_rcu_disposal) to kfree_rcu()

2011-05-08T05:50:54+00:00

The rcu callback user_update_rcu_disposal() just calls a kfree(),
so we use kfree_rcu() instead of the call_rcu(user_update_rcu_disposal).

Signed-off-by: Lai Jiangshan 
Signed-off-by: Paul E. McKenney 
Acked-by: David Howells 
Reviewed-by: Josh Triplett

KEYS: Improve /proc/keys

2011-03-17T00:59:32+00:00

Improve /proc/keys by:

 (1) Don't attempt to summarise the payload of a negated key.  It won't have
     one.  To this end, a helper function - key_is_instantiated() has been
     added that allows the caller to find out whether the key is positively
     instantiated (as opposed to being uninstantiated or negatively
     instantiated).

 (2) Do show keys that are negative, expired or revoked rather than hiding
     them.  This requires an override flag (no_state_check) to be passed to
     search_my_process_keyrings() and keyring_search_aux() to suppress this
     check.

     Without this, keys that are possessed by the caller, but only grant
     permissions to the caller if possessed are skipped as the possession check
     fails.

     Keys that are visible due to user, group or other checks are visible with
     or without this patch.

Signed-off-by: David Howells 
Signed-off-by: James Morris

KEYS: Add an RCU payload dereference macro

2011-03-08T00:17:11+00:00

Add an RCU payload dereference macro as this seems to be a common piece of code
amongst key types that use RCU referenced payloads.

Signed-off-by: David Howells 
Signed-off-by: Mimi Zohar 
Signed-off-by: James Morris

KEYS: Do some style cleanup in the key management code.

2011-01-21T22:59:29+00:00

Do a bit of a style clean up in the key management code.  No functional
changes.

Done using:

  perl -p -i -e 's!^/[*]*/\n!!' security/keys/*.c
  perl -p -i -e 's!} /[*] end [a-z0-9_]*[(][)] [*]/\n!}\n!' security/keys/*.c
  sed -i -s -e ": next" -e N -e 's/^\n[}]$/}/' -e t -e P -e 's/^.*\n//' -e "b next" security/keys/*.c

To remove /*****/ lines, remove comments on the closing brace of a
function to name the function and remove blank lines before the closing
brace of a function.

Signed-off-by: David Howells 
Signed-off-by: Linus Torvalds

KEYS: Fix an RCU warning in the reading of user keys

2010-05-05T01:38:52+00:00

Fix an RCU warning in the reading of user keys:

===================================================
[ INFO: suspicious rcu_dereference_check() usage. ]
---------------------------------------------------
security/keys/user_defined.c:202 invoked rcu_dereference_check() without protection!

other info that might help us debug this:

rcu_scheduler_active = 1, debug_locks = 0
1 lock held by keyctl/3637:
 #0:  (&key->sem){+++++.}, at: [] keyctl_read_key+0x9c/0xcf

stack backtrace:
Pid: 3637, comm: keyctl Not tainted 2.6.34-rc5-cachefs #18
Call Trace:
 [] lockdep_rcu_dereference+0xaa/0xb2
 [] user_read+0x47/0x91
 [] keyctl_read_key+0xac/0xcf
 [] sys_keyctl+0x75/0xb7
 [] system_call_fastpath+0x16/0x1b

Signed-off-by: David Howells 
Acked-by: Serge Hallyn 
Signed-off-by: James Morris

[PATCH] remove many unneeded #includes of sched.h

2007-02-14T16:09:54+00:00

After Al Viro (finally) succeeded in removing the sched.h #include in module.h
recently, it makes sense again to remove other superfluous sched.h includes.
There are quite a lot of files which include it but don't actually need
anything defined in there.  Presumably these includes were once needed for
macros that used to live in sched.h, but moved to other header files in the
course of cleaning it up.

To ease the pain, this time I did not fiddle with any header files and only
removed #includes from .c-files, which tend to cause less trouble.

Compile tested against 2.6.20-rc2 and 2.6.20-rc2-mm2 (with offsets) on alpha,
arm, i386, ia64, mips, powerpc, and x86_64 with allnoconfig, defconfig,
allmodconfig, and allyesconfig as well as a few randconfigs on x86_64 and all
configs in arch/arm/configs on arm.  I also checked that no new warnings were
introduced by the patch (actually, some warnings are removed that were emitted
by unnecessarily included header files).

Signed-off-by: Tim Schmielau 
Acked-by: Russell King 
Signed-off-by: Andrew Morton 
Signed-off-by: Linus Torvalds

[PATCH] keys: discard the contents of a key on revocation

2006-06-26T16:58:18+00:00

Cause the keys linked to a keyring to be unlinked from it when revoked and it
causes the data attached to a user-defined key to be discarded when revoked.

This frees up most of the quota a key occupied at that point, rather than
waiting for the key to actually be destroyed.

Signed-off-by: David Howells 
Signed-off-by: Andrew Morton 
Signed-off-by: Linus Torvalds

[PATCH] Keys: Remove key duplication

2006-01-06T16:33:29+00:00

Remove the key duplication stuff since there's nothing that uses it, no way
to get at it and it's awkward to deal with for LSM purposes.

Signed-off-by: David Howells 
Signed-off-by: Andrew Morton 
Signed-off-by: Linus Torvalds

[PATCH] Keys: Export user-defined keyring operations

2005-10-31T01:37:22+00:00

Export user-defined key operations so that those who wish to define their
own key type based on the user-defined key operations may do so (as has
been requested).

The header file created has been placed into include/keys/user-type.h, thus
creating a directory where other key types may also be placed.  Any
objections to doing this?

Signed-Off-By: David Howells 
Signed-Off-By: Arjan van de Ven 
Signed-off-by: Andrew Morton 
Signed-off-by: Linus Torvalds