q3k
/
linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
linux/Documentation
History
David Howells ee18d64c1f KEYS: Add a keyctl to install a process's session keyring on its parent [try #6] 
Add a keyctl to install a process's session keyring onto its parent.  This
replaces the parent's session keyring.  Because the COW credential code does
not permit one process to change another process's credentials directly, the
change is deferred until userspace next starts executing again.  Normally this
will be after a wait*() syscall.

To support this, three new security hooks have been provided:
cred_alloc_blank() to allocate unset security creds, cred_transfer() to fill in
the blank security creds and key_session_to_parent() - which asks the LSM if
the process may replace its parent's session keyring.

The replacement may only happen if the process has the same ownership details
as its parent, and the process has LINK permission on the session keyring, and
the session keyring is owned by the process, and the LSM permits it.

Note that this requires alteration to each architecture's notify_resume path.
This has been done for all arches barring blackfin, m68k* and xtensa, all of
which need assembly alteration to support TIF_NOTIFY_RESUME.  This allows the
replacement to be performed at the point the parent process resumes userspace
execution.

This allows the userspace AFS pioctl emulation to fully emulate newpag() and
the VIOCSETTOK and VIOCSETTOK2 pioctls, all of which require the ability to
alter the parent process's PAG membership.  However, since kAFS doesn't use
PAGs per se, but rather dumps the keys into the session keyring, the session
keyring of the parent must be replaced if, for example, VIOCSETTOK is passed
the newpag flag.

This can be tested with the following program:

	#include <stdio.h>
	#include <stdlib.h>
	#include <keyutils.h>

	#define KEYCTL_SESSION_TO_PARENT	18

	#define OSERROR(X, S) do { if ((long)(X) == -1) { perror(S); exit(1); } } while(0)

	int main(int argc, char **argv)
	{
		key_serial_t keyring, key;
		long ret;

		keyring = keyctl_join_session_keyring(argv[1]);
		OSERROR(keyring, "keyctl_join_session_keyring");

		key = add_key("user", "a", "b", 1, keyring);
		OSERROR(key, "add_key");

		ret = keyctl(KEYCTL_SESSION_TO_PARENT);
		OSERROR(ret, "KEYCTL_SESSION_TO_PARENT");

		return 0;
	}

Compiled and linked with -lkeyutils, you should see something like:

	[dhowells@andromeda ~]$ keyctl show
	Session Keyring
	       -3 --alswrv   4043  4043  keyring: _ses
	355907932 --alswrv   4043    -1   \_ keyring: _uid.4043
	[dhowells@andromeda ~]$ /tmp/newpag
	[dhowells@andromeda ~]$ keyctl show
	Session Keyring
	       -3 --alswrv   4043  4043  keyring: _ses
	1055658746 --alswrv   4043  4043   \_ user: a
	[dhowells@andromeda ~]$ /tmp/newpag hello
	[dhowells@andromeda ~]$ keyctl show
	Session Keyring
	       -3 --alswrv   4043  4043  keyring: hello
	340417692 --alswrv   4043  4043   \_ user: a

Where the test program creates a new session keyring, sticks a user key named
'a' into it and then installs it on its parent.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
 		2009-09-02 21:29:22 +10:00
..
ABI block: Update topology documentation 2009-08-01 10:24:35 +02:00
DocBook docbook: fix printk of ip address 2009-07-30 13:10:50 -07:00
PCI PCI AER: software error injection 2009-06-16 14:30:14 -07:00
RCU netfilter: nf_conntrack: nf_conntrack_alloc() fixes 2009-07-16 14:03:40 +02:00
accounting Documentation/accounting/getdelays.c intialize the variable before using it 2009-06-16 19:47:51 -07:00
acpi ACPI: update debug parameter documentation 2008-11-07 21:45:29 -05:00
aoe
arm ARM: 5624/1: Document cache aliasing region 2009-07-30 10:44:14 +01:00
auxdisplay .gitignore updates 2008-10-30 11:38:45 -07:00
blackfin Blackfin arch: Add document about bfin-gpio 2009-01-07 23:14:38 +08:00
block Trivial typo fixes in Documentation/block/data-integrity.txt. 2009-07-01 10:56:25 +02:00
blockdev mflash: initial support 2009-04-07 08:12:38 +02:00
cdrom debugfs: Fix terminology inconsistency of dir name to mount debugfs filesystem. 2009-06-15 21:30:28 -07:00
cgroups cpusets: document adding/removing cpus to cpuset elaborately 2009-06-30 18:56:01 -07:00
connector connector: maintainer/mail update. 2009-07-21 12:43:51 -07:00
console
cpu-freq [CPUFREQ] minor correction to cpu-freq documentation 2009-06-15 11:49:42 -04:00
cpuidle
cris fix random typos 2008-10-16 11:21:30 -07:00
crypto async_tx, dmaengine: document channel allocation and api rework 2009-01-05 18:10:19 -07:00
development-process docs: Encourage better changelogs in the development process document 2009-06-04 10:32:49 -06:00
device-mapper dm raid1: add userspace log 2009-06-22 10:12:35 +01:00
driver-model driver model: fix show/store prototypes in doc. 2009-07-12 13:02:10 -07:00
dvb V4L/DVB (12206): get_dvb_firmware: Correct errors in MPC718 firmware extraction logic 2009-07-05 19:21:49 -03:00
early-userspace
fault-injection debugfs: Fix terminology inconsistency of dir name to mount debugfs filesystem. 2009-06-15 21:30:28 -07:00
fb Documentation/fb/vesafb.txt: fix typo 2009-06-16 19:47:58 -07:00
filesystems AFS: Documentation updates 2009-08-19 10:40:13 -07:00
firmware_class driver core: fix documentation of request_firmware_nowait 2009-06-15 21:30:24 -07:00
frv
hwmon hwmon: (f71882fg) Add support for the F71858F 2009-06-15 18:39:52 +02:00
i2c i2c: Add a sysfs interface to instantiate devices 2009-06-19 16:58:20 +02:00
i2o
ia64 trivial: Fix misspelling of firmware 2009-03-30 15:21:59 +02:00
ide ide: preserve Host Protected Area by default (v2) 2009-06-07 13:52:52 +02:00
infiniband IPoIB: Document newish features 2009-04-08 13:52:01 -07:00
input Merge commit 'v2.6.30' into next 2009-06-11 01:58:01 -07:00
ioctl documentation: register ioctl entry of nilfs2 2009-08-10 08:30:11 -07:00
isdn isdn: clean up documentation index 2009-06-20 01:10:38 -07:00
ja_JP block: rename CONFIG_LBD to CONFIG_LBDAF 2009-06-19 08:08:50 +02:00
kbuild kconfig: resort the documentation of the environment variables 2009-06-09 22:37:47 +02:00
kdump trivial: Miscellaneous documentation typo fixes 2009-06-12 18:01:47 +02:00
ko_KR
laptops thinkpad-acpi: remove dock and bay subdrivers 2009-08-01 23:46:58 -04:00
lguest lguest and virtio: cleanup struct definitions to Linux style. 2009-07-30 16:03:46 +09:30
m68k
make
mips ide: remove unused CONFIG_BLK_DEV_IDE_AU1XXX_SEQTS_PER_RQ 2009-01-14 19:19:03 +01:00
misc-devices drivers/misc/isl29003.c: driver for the ISL29003 ambient light sensor 2009-04-01 08:59:18 -07:00
mn10300 trivial: Miscellaneous documentation typo fixes 2009-06-12 18:01:47 +02:00
mtd trivial: Miscellaneous documentation typo fixes 2009-06-12 18:01:47 +02:00
namespaces
netlabel
networking Update Andreas Koensgen's email address 2009-07-17 10:07:12 -07:00
parisc
pcmcia .gitignore updates 2008-10-30 11:38:45 -07:00
power Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2009-06-14 13:46:25 -07:00
powerpc Merge branch 'for-linus' of git://git.o-hand.com/linux-rpurdie-leds 2009-06-28 11:02:32 -07:00
pps LinuxPPS: core support 2009-06-18 13:04:04 -07:00
prctl
s390 trivial: Miscellaneous documentation typo fixes 2009-06-12 18:01:47 +02:00
scheduler sched: Documentation/sched-rt-group: Fix style issues & bump version 2009-06-21 13:12:46 +02:00
scsi Merge git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-misc-2.6 2009-06-17 09:50:44 -07:00
serial Create/use more directory structure in the Documentation/ tree. 2008-11-14 17:28:53 +00:00
sh sh: Kill off remaining CONFIG_SH_KGDB bits. 2008-12-22 18:44:05 +09:00
sound ALSA: pcm - Add logging of hwptr updates and interrupt updates 2009-07-23 11:09:03 +02:00
sparc sparc: Remove Documentation/sparc/sbus_drivers.txt 2008-08-29 02:15:25 -07:00
spi spi: new spi->mode bits 2009-06-30 18:56:00 -07:00
sysctl vmscan: properly account for the number of page cache pages zone_reclaim() can reclaim 2009-06-16 19:47:45 -07:00
telephony remove mention of CONFIG_KMOD from documentation 2008-07-22 19:24:29 +10:00
thermal
timers trivial: Miscellaneous documentation typo fixes 2009-06-12 18:01:47 +02:00
trace debugfs: Fix terminology inconsistency of dir name to mount debugfs filesystem. 2009-06-15 21:30:28 -07:00
uml
usb trivial: usb: fix missing space typo in doc 2009-06-12 18:01:51 +02:00
video4linux V4L/DVB (12402): em28xx: fix: some em2710 chips use a different vendor ID 2009-08-13 20:39:08 -03:00
vm Documentation/vm/Makefile: don't try to build slqbinfo 2009-06-17 09:45:46 -07:00
w1 w1: send status messages after command processing 2009-01-08 08:31:14 -08:00
watchdog [WATCHDOG] hpwdt: Add NMI priority option 2009-06-23 07:13:45 +00:00
wimax i2400m: documentation and instructions for usage 2009-01-07 10:00:18 -08:00
x86 Doc: move Documentation/exception.txt into x86 subdir 2009-07-10 19:10:32 -07:00
zh_CN
00-INDEX trivial: fix where cgroup documentation is not correctly referred to 2009-03-30 15:22:02 +02:00
BUG-HUNTING
Changes Documentation/Changes: perl is needed to build the kernel 2009-06-18 13:03:46 -07:00
CodingStyle trivial: fix typo milisecond/millisecond for documentation and source comments. 2009-06-12 18:01:46 +02:00
DMA-API.txt trivial: Miscellaneous documentation typo fixes 2009-06-12 18:01:47 +02:00
DMA-ISA-LPC.txt
DMA-attributes.txt powerpc/cell: Add DMA_ATTR_WEAK_ORDERING dma attribute and use in Cell IOMMU code 2008-07-22 10:39:36 +10:00
DMA-mapping.txt dma-mapping: update the old macro DMA_nBIT_MASK related documentations 2009-04-07 08:31:12 -07:00
HOWTO Remove Andrew Morton's http://www.zip.com.au/~akpm/ 2008-10-16 11:21:32 -07:00
IO-mapping.txt Documentation: move DMA-mapping.txt to Doc/PCI/ 2009-01-29 18:19:29 -08:00
IPMI.txt
IRQ-affinity.txt
IRQ.txt
Intel-IOMMU.txt Documentation cleanup: trivial misspelling, punctuation, and grammar corrections. 2008-07-26 12:00:06 -07:00
Makefile docsrc: build Documentation/ sources 2008-08-12 16:07:30 -07:00
ManagementStyle docs: fix ManagementStyle book name 2008-10-30 11:38:46 -07:00
SAK.txt Remove Andrew Morton's old email accounts 2008-10-16 11:21:32 -07:00
SELinux.txt selinux: add support for installing a dummy policy (v2) 2008-08-27 08:54:08 +10:00
SM501.txt trivial: Miscellaneous documentation typo fixes 2009-06-12 18:01:47 +02:00
SecurityBugs
Smack.txt smack: implement logging V3 2009-04-14 09:00:23 +10:00
SubmitChecklist block: rename CONFIG_LBD to CONFIG_LBDAF 2009-06-19 08:08:50 +02:00
SubmittingDrivers Remove Andrew Morton's old email accounts 2008-10-16 11:21:32 -07:00
SubmittingPatches Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2009-06-14 13:46:25 -07:00
VGA-softcursor.txt
applying-patches.txt
atomic_ops.txt Documentation/atomic_ops.txt: fix sample code 2009-06-16 19:47:52 -07:00
bad_memory.txt Document handling of bad memory 2008-12-03 16:09:53 -07:00
basic_profiling.txt
binfmt_misc.txt
braille-console.txt trivial: Miscellaneous documentation typo fixes 2009-06-12 18:01:47 +02:00
bt8xxgpio.txt gpio: add bt8xxgpio driver 2008-07-25 10:53:30 -07:00
c2port.txt Add c2 port support 2008-11-12 17:17:18 -08:00
cachetlb.txt
cpu-hotplug.txt x86: use possible_cpus=NUM to extend the possible cpus allowed 2008-12-18 12:08:05 +01:00
cpu-load.txt
cputopology.txt cpumask: Use topology_core_cpumask()/topology_thread_cpumask() 2009-01-11 19:12:49 +01:00
credentials.txt CRED: Documentation 2008-11-14 10:39:26 +11:00
dcdbas.txt
debugging-modules.txt
debugging-via-ohci1394.txt
dell_rbu.txt trivial: Documentation/dell_rbu.txt: fix typos 2009-06-12 18:01:50 +02:00
devices.txt lanana: assign a device name and numbering for MAX3100 2009-04-07 08:44:05 -07:00
dmaengine.txt async_tx, dmaengine: document channel allocation and api rework 2009-01-05 18:10:19 -07:00
dontdiff dontdiff: Fix asm exclude 2009-03-26 15:45:43 -07:00
dynamic-debug-howto.txt Dynamic debug: allow simple quoting of words 2009-03-24 16:38:27 -07:00
edac.txt trivial: Miscellaneous documentation typo fixes 2009-06-12 18:01:47 +02:00
eisa.txt
email-clients.txt Documentation/email-clients.txt: add some info about gmail 2008-11-06 15:41:19 -08:00
feature-removal-schedule.txt [CPUFREQ] Mark policy_rwsem as going static in cpufreq.c wont be exported 2009-07-06 21:38:28 -04:00
futex-requeue-pi.txt futex: add requeue-pi documentation 2009-05-09 07:12:50 +02:00
gcov.txt gcov: fix documentation 2009-06-30 18:55:59 -07:00
gpio.txt trivial: Miscellaneous documentation typo fixes 2009-06-12 18:01:47 +02:00
highuid.txt
hw_random.txt
ics932s401 ics932s401: new clock generator chip driver 2008-11-12 17:17:18 -08:00
initrd.txt
io-mapping.txt io mapping: improve documentation 2008-11-03 18:21:44 +01:00
io_ordering.txt
iostats.txt Documentation cleanup: trivial misspelling, punctuation, and grammar corrections. 2008-07-26 12:00:06 -07:00
irqflags-tracing.txt
isapnp.txt
java.txt
kernel-doc-nano-HOWTO.txt kernel-doc: restrict syntax for private: and public: 2009-05-02 15:36:10 -07:00
kernel-docs.txt
kernel-parameters.txt Documentation/kernel-parameters.txt: document libata's ignore_hpa option 2009-08-12 06:21:08 -04:00
keys-request-key.txt
keys.txt KEYS: Add a keyctl to install a process's session keyring on its parent [try #6] 2009-09-02 21:29:22 +10:00
kmemcheck.txt kmemcheck: add the kmemcheck documentation 2009-06-13 14:27:20 +02:00
kmemleak.txt kmemleak: Do not trigger a scan when reading the debug/kmemleak file 2009-06-26 17:38:27 +01:00
kobject.txt trivial: Miscellaneous documentation typo fixes 2009-06-12 18:01:47 +02:00
kprobes.txt debugfs: Fix terminology inconsistency of dir name to mount debugfs filesystem. 2009-06-15 21:30:28 -07:00
kref.txt
ldm.txt
leds-class.txt Documentation cleanup: trivial misspelling, punctuation, and grammar corrections. 2008-07-26 12:00:06 -07:00
leds-lp3944.txt leds: LED driver for National Semiconductor LP3944 Funlight Chip 2009-06-23 20:21:38 +01:00
local_ops.txt trivial: Miscellaneous documentation typo fixes 2009-06-12 18:01:47 +02:00
lockdep-design.txt lockdep: Fix typos in documentation 2009-08-07 12:03:46 +02:00
lockstat.txt lockstat: contend with points 2008-10-20 15:43:10 +02:00
logo.gif Revert "linux.conf.au 2009: Tuz" 2009-04-27 12:00:27 -07:00
logo.txt Revert "linux.conf.au 2009: Tuz" 2009-04-27 12:00:27 -07:00
magic-number.txt documentation: update header file paths 2009-01-06 15:59:28 -08:00
markers.txt markers: comment marker_synchronize_unregister() on data dependency 2008-11-28 16:47:41 +01:00
mca.txt
md.txt Documentation/md.txt update 2009-03-31 15:18:37 +11:00
memory-barriers.txt sched: Document memory barriers implied by sleep/wake-up primitives 2009-04-29 14:15:55 +02:00
memory-hotplug.txt trivial: Miscellaneous documentation typo fixes 2009-06-12 18:01:47 +02:00
memory.txt
mono.txt
mutex-design.txt
nmi_watchdog.txt x86, nmi-watchdog: update procfs nmi_watchdog file documentation v2 2008-10-30 19:07:04 +01:00
nommu-mmap.txt NOMMU: Make mmap allocation page trimming behaviour configurable. 2009-01-08 12:04:47 +00:00
numastat.txt
oops-tracing.txt
parport-lowlevel.txt
parport.txt
pi-futex.txt
pnp.txt
preempt-locking.txt
printk-formats.txt DOC: add printk-formats.txt 2008-11-12 17:17:17 -08:00
prio_tree.txt
rbtree.txt trivial: rbtree.txt: fix rb_entry() parameters in sample code 2009-06-12 18:01:47 +02:00
rfkill.txt rfkill: export persistent attribute in sysfs 2009-06-19 11:50:18 -04:00
robust-futex-ABI.txt futex: documentation: fix inconsistent description of futex list_op_pending 2009-06-18 13:03:56 -07:00
robust-futexes.txt
rt-mutex-design.txt
rt-mutex.txt
rtc.txt
serial-console.txt
sgi-ioc4.txt
sgi-visws.txt
slow-work.txt Document the slow work thread pool 2009-04-03 16:42:35 +01:00
sparse.txt Documentation: explain the difference between __bitwise and __bitwise__ 2009-04-11 08:18:11 +02:00
spinlocks.txt
stable_api_nonsense.txt
stable_kernel_rules.txt Update stable tree documentation 2008-10-29 15:03:49 -07:00
svga.txt
sysfs-rules.txt Doc/sysfs-rules: Swap the order of the words so the sentence makes more sense 2009-05-08 19:22:20 -07:00
sysrq.txt sysrq, kdump: make sysrq-c consistent 2009-07-29 19:10:36 -07:00
tomoyo.txt tomoyo: add Documentation/tomoyo.txt 2009-04-14 09:14:58 +10:00
unaligned-memory-access.txt introduce HAVE_EFFICIENT_UNALIGNED_ACCESS Kconfig symbol 2008-07-25 10:53:27 -07:00
unicode.txt
unshare.txt
video-output.txt
volatile-considered-harmful.txt Documentation cleanup: trivial misspelling, punctuation, and grammar corrections. 2008-07-26 12:00:06 -07:00
voyager.txt
zorro.txt