[PATCH, RFC 31/62] keys/mktme: Require CAP_SYS_RESOURCE capability for MKTME keys
From: Kirill A. Shutemov
Date: Wed May 08 2019 - 10:51:02 EST
From: Alison Schofield <alison.schofield@xxxxxxxxx>
The MKTME key type uses capabilities to restrict the allocation
of keys to privileged users. CAP_SYS_RESOURCE is required, but
the broader capability of CAP_SYS_ADMIN is accepted.
Signed-off-by: Alison Schofield <alison.schofield@xxxxxxxxx>
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx>
---
security/keys/mktme_keys.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c
index 496b5c1b7461..4b2d3dc1843a 100644
--- a/security/keys/mktme_keys.c
+++ b/security/keys/mktme_keys.c
@@ -2,6 +2,7 @@
/* Documentation/x86/mktme_keys.rst */
+#include <linux/cred.h>
#include <linux/cpu.h>
#include <linux/init.h>
#include <linux/key.h>
@@ -393,6 +394,9 @@ int mktme_preparse_payload(struct key_preparsed_payload *prep)
char *options;
int ret;
+ if (!capable(CAP_SYS_RESOURCE) && !capable(CAP_SYS_ADMIN))
+ return -EACCES;
+
if (datalen <= 0 || datalen > 1024 || !prep->data)
return -EINVAL;
--
2.20.1