2.6.27-stable review patch. If anyone has any objections, please let us know. ------------------ From: David Howells commit 1f8f5cf6e4f038552a3e47b66085452c08556d71 upstream Make request_key() instantiate the per-user keyrings so that it doesn't oops if it needs to get hold of the user session keyring because there isn't a session keyring in place. Signed-off-by: David Howells Tested-by: Steve French Tested-by: Rutger Nijlunsing Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman --- security/keys/internal.h | 1 + security/keys/process_keys.c | 2 +- security/keys/request_key.c | 4 ++++ 3 files changed, 6 insertions(+), 1 deletion(-) --- a/security/keys/internal.h +++ b/security/keys/internal.h @@ -107,6 +107,7 @@ extern key_ref_t search_process_keyrings extern struct key *find_keyring_by_name(const char *name, bool skip_perm_check); +extern int install_user_keyrings(struct task_struct *tsk); extern int install_thread_keyring(struct task_struct *tsk); extern int install_process_keyring(struct task_struct *tsk); --- a/security/keys/process_keys.c +++ b/security/keys/process_keys.c @@ -40,7 +40,7 @@ struct key_user root_key_user = { /* * install user and user session keyrings for a particular UID */ -static int install_user_keyrings(struct task_struct *tsk) +int install_user_keyrings(struct task_struct *tsk) { struct user_struct *user = tsk->user; struct key *uid_keyring, *session_keyring; --- a/security/keys/request_key.c +++ b/security/keys/request_key.c @@ -74,6 +74,10 @@ static int call_sbin_request_key(struct kenter("{%d},{%d},%s", key->serial, authkey->serial, op); + ret = install_user_keyrings(tsk); + if (ret < 0) + goto error_alloc; + /* allocate a new session keyring */ sprintf(desc, "_req.%u", key->serial); -- -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/