[PATCH] keys: sort out key quota system
Add the ability for key creation to overrun the user's quota in some circumstances - notably when a session keyring is created and assigned to a process that didn't previously have one. This means it's still possible to log in, should PAM require the creation of a new session keyring, and fix an overburdened key quota. Signed-off-by:David Howells <dhowells@redhat.com> Signed-off-by:
Andrew Morton <akpm@osdl.org> Signed-off-by:
Linus Torvalds <torvalds@osdl.org>
Showing
- include/linux/key.h 10 additions, 3 deletionsinclude/linux/key.h
- include/linux/security.h 7 additions, 4 deletionsinclude/linux/security.h
- security/dummy.c 2 additions, 1 deletionsecurity/dummy.c
- security/keys/internal.h 2 additions, 1 deletionsecurity/keys/internal.h
- security/keys/key.c 14 additions, 12 deletionssecurity/keys/key.c
- security/keys/keyctl.c 3 additions, 2 deletionssecurity/keys/keyctl.c
- security/keys/keyring.c 2 additions, 2 deletionssecurity/keys/keyring.c
- security/keys/process_keys.c 17 additions, 7 deletionssecurity/keys/process_keys.c
- security/keys/request_key.c 21 additions, 15 deletionssecurity/keys/request_key.c
- security/keys/request_key_auth.c 1 addition, 1 deletionsecurity/keys/request_key_auth.c
- security/selinux/hooks.c 6 additions, 3 deletionssecurity/selinux/hooks.c
Loading
Please register or sign in to comment