[135/165] Set cred->user_ns in key_replace_session_keyring
From: Greg KH
Date: Wed Jun 01 2011 - 04:27:17 EST
2.6.39-stable review patch. If anyone has any objections, please let us know.
From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
commit f7285b5d631fd6096b11c6af0058ed3a2b30ef4e upstream.
Since this cred was not created with copy_creds(), it needs to get
initialized. Otherwise use of syscall(__NR_keyctl, KEYCTL_SESSION_TO_PARENT);
can lead to a NULL deref. Thanks to Robert for finding this.
But introduced by commit 47a150edc2a ("Cache user_ns in struct cred").
Signed-off-by: Serge E. Hallyn <serge.hallyn@xxxxxxxxxxxxx>
Reported-by: Robert Å?wiÄ?cki <robert@xxxxxxxxxxx>
Cc: David Howells <dhowells@xxxxxxxxxx>
Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>
security/keys/process_keys.c | 1 +
1 file changed, 1 insertion(+)
@@ -845,6 +845,7 @@ void key_replace_session_keyring(void)
new-> sgid = old-> sgid;
new->fsgid = old->fsgid;
new->user = get_uid(old->user);
+ new->user_ns = new->user->user_ns;
new->group_info = get_group_info(old->group_info);
new->securebits = old->securebits;
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/