Skip to content
GitLab
Projects Groups Topics Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Register
  • Sign in
  • I ipipe-x86
  • Project information
    • Project information
    • Activity
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributor statistics
    • Graph
    • Compare revisions
  • Deployments
    • Deployments
    • Releases
  • Analytics
    • Analytics
    • Repository
  • Activity
  • Graph
  • Commits
Collapse sidebar
  • xenomaixenomai
  • ipipe-x86
  • Repository
  • ipipe-x86
  • security
  • keys
  • key.c
Find file BlameHistoryPermalink
  • Eric Biggers's avatar
    KEYS: allow reaching the keys quotas exactly · fe303ba7
    Eric Biggers authored Feb 14, 2019
    commit a08bf91c upstream.
    
    If the sysctl 'kernel.keys.maxkeys' is set to some number n, then
    actually users can only add up to 'n - 1' keys.  Likewise for
    'kernel.keys.maxbytes' and the root_* versions of these sysctls.  But
    these sysctls are apparently supposed to be *maximums*, as per their
    names and all documentation I could find -- the keyrings(7) man page,
    Documentation/security/keys/core.rst, and all the mentions of EDQUOT
    meaning that the key quota was *exceeded* (as opposed to reached).
    
    Thus, fix the code to allow reaching the quotas exactly.
    
    Fixes: 0b77f5bf
    
     ("keys: make the keyring quotas controllable through /proc/sys")
    Cc: stable@vger.kernel.org
    Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
    Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
    Signed-off-by: default avatarJames Morris <james.morris@microsoft.com>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    fe303ba7

Imprint & Privacy Policy