summaryrefslogtreecommitdiffstats
path: root/certs
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2020-11-20 19:04:23 +0100
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2021-03-04 10:26:29 +0100
commit0fec3272abf17bf337dc9d8934d7a0d3ff4e83d8 (patch)
treec195e3a0280eb2b0a9241367a50e7a413dbf38a8 /certs
parent8d0c3acd0370dfdf81549e6c6fd7a72b74959daa (diff)
downloadlinux-stable-0fec3272abf17bf337dc9d8934d7a0d3ff4e83d8.tar.gz
linux-stable-0fec3272abf17bf337dc9d8934d7a0d3ff4e83d8.tar.bz2
linux-stable-0fec3272abf17bf337dc9d8934d7a0d3ff4e83d8.zip
certs: Fix blacklist flag type confusion
[ Upstream commit 4993e1f9479a4161fd7d93e2b8b30b438f00cb0f ] KEY_FLAG_KEEP is not meant to be passed to keyring_alloc() or key_alloc(), as these only take KEY_ALLOC_* flags. KEY_FLAG_KEEP has the same value as KEY_ALLOC_BYPASS_RESTRICTION, but fortunately only key_create_or_update() uses it. LSMs using the key_alloc hook don't check that flag. KEY_FLAG_KEEP is then ignored but fortunately (again) the root user cannot write to the blacklist keyring, so it is not possible to remove a key/hash from it. Fix this by adding a KEY_ALLOC_SET_KEEP flag that tells key_alloc() to set KEY_FLAG_KEEP on the new key. blacklist_init() can then, correctly, pass this to keyring_alloc(). We can also use this in ima_mok_init() rather than setting the flag manually. Note that this doesn't fix an observable bug with the current implementation but it is required to allow addition of new hashes to the blacklist in the future without making it possible for them to be removed. Fixes: 734114f8782f ("KEYS: Add a system blacklist keyring") Reported-by: Mickaël Salaün <mic@linux.microsoft.com> Signed-off-by: David Howells <dhowells@redhat.com> cc: Mickaël Salaün <mic@linux.microsoft.com> cc: Mimi Zohar <zohar@linux.vnet.ibm.com> Cc: David Woodhouse <dwmw2@infradead.org> Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'certs')
-rw-r--r--certs/blacklist.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/certs/blacklist.c b/certs/blacklist.c
index ec00bf337eb6..025a41de28fd 100644
--- a/certs/blacklist.c
+++ b/certs/blacklist.c
@@ -153,7 +153,7 @@ static int __init blacklist_init(void)
KEY_USR_VIEW | KEY_USR_READ |
KEY_USR_SEARCH,
KEY_ALLOC_NOT_IN_QUOTA |
- KEY_FLAG_KEEP,
+ KEY_ALLOC_SET_KEEP,
NULL, NULL);
if (IS_ERR(blacklist_keyring))
panic("Can't allocate system blacklist keyring\n");