evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/security
History
Eric Biggers 1e73c0aeb3 KEYS: allow reaching the keys quotas exactly 
commit a08bf91ce28ed3ae7b6fef35d843fef8dc8c2cd9 upstream.

If the sysctl 'kernel.keys.maxkeys' is set to some number n, then
actually users can only add up to 'n - 1' keys.  Likewise for
'kernel.keys.maxbytes' and the root_* versions of these sysctls.  But
these sysctls are apparently supposed to be *maximums*, as per their
names and all documentation I could find -- the keyrings(7) man page,
Documentation/security/keys/core.rst, and all the mentions of EDQUOT
meaning that the key quota was *exceeded* (as opposed to reached).

Thus, fix the code to allow reaching the quotas exactly.

Fixes: 0b77f5bfb4 ("keys: make the keyring quotas controllable through /proc/sys")
Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-03-23 08:44:15 +01:00
..
apparmor apparmor: Make path_max parameter readonly 2018-03-22 09:23:24 +01:00
integrity ima: fix showing large 'violations' or 'runtime_measurements_count' 2018-11-21 09:27:35 +01:00
keys KEYS: allow reaching the keys quotas exactly 2019-03-23 08:44:15 +01:00
selinux selinux: fix GPF on invalid policy 2019-01-26 09:42:51 +01:00
smack smack: fix access permissions for keyring 2019-02-20 10:13:07 +01:00
tomoyo mm: replace get_user_pages() write/force parameters with gup_flags 2018-12-17 21:55:16 +01:00
yama Yama: Check for pid death before checking ancestry 2019-01-26 09:42:50 +01:00
commoncap.c
device_cgroup.c
inode.c
Kconfig KPTI: Rename to PAGE_TABLE_ISOLATION 2018-01-05 15:44:26 +01:00
lsm_audit.c
Makefile
min_addr.c
security.c LSM: Check for NULL cred-security on free 2019-01-26 09:42:50 +01:00