From: David Howells <dhowells@redhat.com>
Date: Mon, 10 Apr 2006 14:15:21 +0000 (+0100)
Subject: [Security] Keys: Fix oops when adding key to non-keyring
X-Git-Tag: v2.6.17-rc2~290
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c3a9d6541f84ac3ff566982d08389b87c1c36b4e;p=pandora-kernel.git

[Security] Keys: Fix oops when adding key to non-keyring

This fixes the problem of an oops occuring when a user attempts to add a
key to a non-keyring key [CVE-2006-1522].

The problem is that __keyring_search_one() doesn't check that the
keyring it's been given is actually a keyring.

I've fixed this problem by:

 (1) declaring that caller of __keyring_search_one() must guarantee that
     the keyring is a keyring; and

 (2) making key_create_or_update() check that the keyring is a keyring,
     and return -ENOTDIR if it isn't.

This can be tested by:

	keyctl add user b b `keyctl add user a a @s`

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
---

Reading git-diff-tree failed