linux/security/keys
Eric Biggers a08bf91ce2 KEYS: allow reaching the keys quotas exactly
If the sysctl 'kernel.keys.maxkeys' is set to some number n, then
actually users can only add up to 'n - 1' keys.  Likewise for
'kernel.keys.maxbytes' and the root_* versions of these sysctls.  But
these sysctls are apparently supposed to be *maximums*, as per their
names and all documentation I could find -- the keyrings(7) man page,
Documentation/security/keys/core.rst, and all the mentions of EDQUOT
meaning that the key quota was *exceeded* (as opposed to reached).

Thus, fix the code to allow reaching the quotas exactly.

Fixes: 0b77f5bfb4 ("keys: make the keyring quotas controllable through /proc/sys")
Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
2019-02-15 14:12:08 -08:00
..
encrypted-keys libnvdimm for 4.21 2018-12-28 15:05:13 -08:00
big_key.c big key: get rid of stack array allocation 2018-05-11 13:07:45 -07:00
compat_dh.c KEYS: DH: validate __spare field 2017-07-14 11:01:38 +10:00
compat.c KEYS: Provide keyctls to drive the new key type ops for asymmetric keys [ver #2] 2018-10-26 09:30:46 +01:00
dh.c Revert "uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name" 2018-09-25 13:28:58 +02:00
gc.c security: audit and remove any unnecessary uses of module.h 2018-12-12 14:58:51 -08:00
internal.h keys: Export lookup_user_key to external users 2018-12-13 17:54:12 -08:00
Kconfig security/keys: BIG_KEY requires CONFIG_CRYPTO 2017-10-18 09:12:40 +01:00
key.c KEYS: allow reaching the keys quotas exactly 2019-02-15 14:12:08 -08:00
keyctl_pkey.c KEYS: fix parsing invalid pkey info string 2019-01-01 13:13:19 -08:00
keyctl.c security: audit and remove any unnecessary uses of module.h 2018-12-12 14:58:51 -08:00
keyring.c security: audit and remove any unnecessary uses of module.h 2018-12-12 14:58:51 -08:00
Makefile KEYS: Provide keyctls to drive the new key type ops for asymmetric keys [ver #2] 2018-10-26 09:30:46 +01:00
permission.c security: audit and remove any unnecessary uses of module.h 2018-12-12 14:58:51 -08:00
persistent.c sched/headers: Prepare to remove <linux/cred.h> inclusion from <linux/sched.h> 2017-03-02 08:42:31 +01:00
proc.c security: audit and remove any unnecessary uses of module.h 2018-12-12 14:58:51 -08:00
process_keys.c libnvdimm for 4.21 2018-12-28 15:05:13 -08:00
request_key_auth.c security: audit and remove any unnecessary uses of module.h 2018-12-12 14:58:51 -08:00
request_key.c security: audit and remove any unnecessary uses of module.h 2018-12-12 14:58:51 -08:00
sysctl.c security: Convert use of typedef ctl_table to struct ctl_table 2014-04-15 13:39:58 +10:00
trusted.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2018-12-27 13:53:32 -08:00
user_defined.c security: audit and remove any unnecessary uses of module.h 2018-12-12 14:58:51 -08:00