AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2024-12-28 11:18:45 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
e007ce9c59
linux_dsm_epyc7002/include
History
Eric Biggers 237bbd29f7 KEYS: prevent creating a different user's keyrings 
It was possible for an unprivileged user to create the user and user
session keyrings for another user.  For example:

    sudo -u '#3000' sh -c 'keyctl add keyring _uid.4000 "" @u
                           keyctl add keyring _uid_ses.4000 "" @u
                           sleep 15' &
    sleep 1
    sudo -u '#4000' keyctl describe @u
    sudo -u '#4000' keyctl describe @us

This is problematic because these "fake" keyrings won't have the right
permissions.  In particular, the user who created them first will own
them and will have full access to them via the possessor permissions,
which can be used to compromise the security of a user's keys:

    -4: alswrv-----v------------  3000     0 keyring: _uid.4000
    -5: alswrv-----v------------  3000     0 keyring: _uid_ses.4000

Fix it by marking user and user session keyrings with a flag
KEY_FLAG_UID_KEYRING.  Then, when searching for a user or user session
keyring by name, skip all keyrings that don't have the flag set.

Fixes: 69664cf16a ("keys: don't generate user and user session keyrings unless they're accessed")
Cc: <stable@vger.kernel.org>	[v2.6.26+]
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
2017-09-25 15:19:57 +01:00
..
acpi Device properties framework updates for v4.14-rc1 2017-09-05 12:50:00 -07:00
asm-generic Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-09-14 20:01:41 -07:00
clocksource
crypto
drm lib/interval_tree: fast overlap detection 2017-09-08 18:26:49 -07:00
dt-bindings Merge branch '4.14-features' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2017-09-15 20:43:33 -07:00
keys
kvm
linux KEYS: prevent creating a different user's keyrings 2017-09-25 15:19:57 +01:00
math-emu
media media updates for v4.14-rc1 2017-09-07 12:53:14 -07:00
memory
misc
net sctp: fix an use-after-free issue in sctp_sock_dump 2017-09-15 14:47:49 -07:00
pcmcia
ras
rdma More RDMA work and some op-structure constification from Chuck Lever, 2017-09-09 13:31:49 -07:00
scsi SCSI misc on 20170913 2017-09-13 10:47:14 -07:00
soc ARM: SoC driver updates for v4.14 2017-09-10 20:40:00 -07:00
sound sound updates for 4.14-rc1 2017-09-07 12:44:53 -07:00
target
trace Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-09-16 11:28:59 -07:00
uapi Merge branch 'zstd-minimal' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs 2017-09-14 17:30:49 -07:00
video
xen