mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-06 05:06:29 +00:00
39705a6c29
When a process' cred struct is replaced, this _almost_ always invokes
the cred_prepare LSM hook; but in one special case (when
KEYCTL_SESSION_TO_PARENT updates the parent's credentials), the
cred_transfer LSM hook is used instead. Landlock only implements the
cred_prepare hook, not cred_transfer, so KEYCTL_SESSION_TO_PARENT causes
all information on Landlock restrictions to be lost.
This basically means that a process with the ability to use the fork()
and keyctl() syscalls can get rid of all Landlock restrictions on
itself.
Fix it by adding a cred_transfer hook that does the same thing as the
existing cred_prepare hook. (Implemented by having hook_cred_prepare()
call hook_cred_transfer() so that the two functions are less likely to
accidentally diverge in the future.)
Cc: stable@kernel.org
Fixes:
|
||
|---|---|---|
| .. | ||
| .kunitconfig | ||
| common.h | ||
| cred.c | ||
| cred.h | ||
| fs.c | ||
| fs.h | ||
| Kconfig | ||
| limits.h | ||
| Makefile | ||
| net.c | ||
| net.h | ||
| object.c | ||
| object.h | ||
| ruleset.c | ||
| ruleset.h | ||
| setup.c | ||
| setup.h | ||
| syscalls.c | ||
| task.c | ||
| task.h | ||