Eric Biggers <ebiggers@xxxxxxxxxx> wrote:
> +static struct key_acl fscrypt_keyring_acl = {
> + .usage = REFCOUNT_INIT(1),
> + .nr_ace = 2,
> + .aces = {
> + KEY_POSSESSOR_ACE(KEY_ACE_SEARCH | KEY_ACE_INVAL |
> + KEY_ACE_JOIN),
> + KEY_OWNER_ACE(KEY_ACE_SEARCH | KEY_ACE_INVAL | KEY_ACE_JOIN |
> + KEY_ACE_READ | KEY_ACE_VIEW),
> + }
> +};
Does you really want JOIN permission for these keyrings? Are you permitting
them to be used with KEYCTL_JOIN_SESSION_KEYRING? Do you also want INVAL for
the keyring rather than just the keys it contains? Would CLEAR be more
appropriate?
> +static struct key_acl fscrypt_key_acl = {
> + .usage = REFCOUNT_INIT(1),
> + .nr_ace = 2,
> + .aces = {
> + KEY_POSSESSOR_ACE(KEY_ACE_SEARCH | KEY_ACE_INVAL |
> + KEY_ACE_JOIN),
> + KEY_OWNER_ACE(KEY_ACE_SEARCH | KEY_ACE_INVAL | KEY_ACE_JOIN |
> + KEY_ACE_VIEW),
> + }
> +};
JOIN permission is useless here. This is only used for keys of type
key_type_fscrypt that I can see - and those aren't keyrings and so aren't
joinable.
> +static struct key_acl fscrypt_user_key_acl = {
Ditto.
David
