diff options
author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2013-09-04 14:26:22 +0200 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2013-09-25 18:17:01 +0200 |
commit | c124bde28bce41f9e46e32d03d134a81e116d38c (patch) | |
tree | d507bc7cf4719cff70c4623f39cbb06b0b89d01a /security/keys | |
parent | KEYS: verify a certificate is signed by a 'trusted' key (diff) | |
download | linux-c124bde28bce41f9e46e32d03d134a81e116d38c.tar.xz linux-c124bde28bce41f9e46e32d03d134a81e116d38c.zip |
KEYS: initialize root uid and session keyrings early
In order to create the integrity keyrings (eg. _evm, _ima), root's
uid and session keyrings need to be initialized early.
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'security/keys')
-rw-r--r-- | security/keys/process_keys.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c index 68548ea6fe01..0cf8a130a267 100644 --- a/security/keys/process_keys.c +++ b/security/keys/process_keys.c @@ -857,3 +857,13 @@ void key_change_session_keyring(struct callback_head *twork) commit_creds(new); } + +/* + * Make sure that root's user and user-session keyrings exist. + */ +static int __init init_root_keyring(void) +{ + return install_user_keyrings(); +} + +late_initcall(init_root_keyring); |