aboutsummaryrefslogtreecommitdiffstats
path: root/security/keys/request_key_auth.c
diff options
context:
space:
mode:
authorMichael LeMay <mdlemay@epoch.ncsc.mil>2006-06-22 14:47:17 -0700
committerLinus Torvalds <torvalds@g5.osdl.org>2006-06-22 15:05:55 -0700
commitd720024e94de4e8b7f10ee83c532926f3ad5d708 (patch)
tree8f21613c29a26bfbeb334cb0104b8b998b09fbdc /security/keys/request_key_auth.c
parentf893afbe1262e27e91234506f72e17716190dd2f (diff)
downloadkernel_samsung_smdk4412-d720024e94de4e8b7f10ee83c532926f3ad5d708.zip
kernel_samsung_smdk4412-d720024e94de4e8b7f10ee83c532926f3ad5d708.tar.gz
kernel_samsung_smdk4412-d720024e94de4e8b7f10ee83c532926f3ad5d708.tar.bz2
[PATCH] selinux: add hooks for key subsystem
Introduce SELinux hooks to support the access key retention subsystem within the kernel. Incorporate new flask headers from a modified version of the SELinux reference policy, with support for the new security class representing retained keys. Extend the "key_alloc" security hook with a task parameter representing the intended ownership context for the key being allocated. Attach security information to root's default keyrings within the SELinux initialization routine. Has passed David's testsuite. Signed-off-by: Michael LeMay <mdlemay@epoch.ncsc.mil> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org> Acked-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'security/keys/request_key_auth.c')
-rw-r--r--security/keys/request_key_auth.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/keys/request_key_auth.c b/security/keys/request_key_auth.c
index cce6ba6..0ecc2e8 100644
--- a/security/keys/request_key_auth.c
+++ b/security/keys/request_key_auth.c
@@ -148,7 +148,7 @@ struct key *request_key_auth_new(struct key *target, const char *callout_info)
sprintf(desc, "%x", target->serial);
authkey = key_alloc(&key_type_request_key_auth, desc,
- current->fsuid, current->fsgid,
+ current->fsuid, current->fsgid, current,
KEY_POS_VIEW | KEY_POS_READ | KEY_POS_SEARCH |
KEY_USR_VIEW, 1);
if (IS_ERR(authkey)) {