[PATCH] keys: sort out key quota system Add the ability for key creation to overrun the user's quota in some circumstances - notably when a session keyring is created and assigned to a process that didn't previously have one. This means it's still possible to log in, should PAM require the creation of a new session keyring, and fix an overburdened key quota. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>

commit: 7e047ef5fe2d52e83020e856b1bf2556a6a2ce98 [log] [tgz]
author: David Howells <dhowells@redhat.com> Mon Jun 26 00:24:50 2006 -0700
committer: Linus Torvalds <torvalds@g5.osdl.org> Mon Jun 26 09:58:18 2006 -0700
tree: 97656e2c56a27be9d1da451dde627b693b8643f2
parent: f116629d03655adaf7832b93b03c99391d09d4a7 [diff] [blame]
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index ed71d86..d744585 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c

@@ -102,7 +102,7 @@
 	/* create or update the requested key and add it to the target
 	 * keyring */
 	key_ref = key_create_or_update(keyring_ref, type, description,
-				       payload, plen, 0);
+				       payload, plen, KEY_ALLOC_IN_QUOTA);
 	if (!IS_ERR(key_ref)) {
 		ret = key_ref_to_ptr(key_ref)->serial;
 		key_ref_put(key_ref);
@@ -184,7 +184,8 @@
 
 	/* do the search */
 	key = request_key_and_link(ktype, description, callout_info,
-				   key_ref_to_ptr(dest_ref));
+				   key_ref_to_ptr(dest_ref),
+				   KEY_ALLOC_IN_QUOTA);
 	if (IS_ERR(key)) {
 		ret = PTR_ERR(key);
 		goto error5;
commit	7e047ef5fe2d52e83020e856b1bf2556a6a2ce98	[log] [tgz]
author	David Howells <dhowells@redhat.com>	Mon Jun 26 00:24:50 2006 -0700
committer	Linus Torvalds <torvalds@g5.osdl.org>	Mon Jun 26 09:58:18 2006 -0700
tree	97656e2c56a27be9d1da451dde627b693b8643f2
parent	f116629d03655adaf7832b93b03c99391d09d4a7 [diff] [blame]