KEYS: initialize root uid and session keyrings early

In order to create the integrity keyrings (eg. _evm, _ima), root's uid and session keyrings need to be initialized early. Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: David Howells <dhowells@redhat.com>
author: Mimi Zohar <zohar@linux.vnet.ibm.com> 2013-09-04 13:26:22 +0100
committer: David Howells <dhowells@redhat.com> 2013-09-25 17:17:01 +0100
commit: c124bde28bce41f9e46e32d03d134a81e116d38c (patch)
tree: d507bc7cf4719cff70c4623f39cbb06b0b89d01a /security
parent: 09fbc47373826d67531380662b516de2da120545 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index 68548ea6fe0..0cf8a130a26 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -857,3 +857,13 @@ void key_change_session_keyring(struct callback_head *twork)
 
 	commit_creds(new);
 }
+
+/*
+ * Make sure that root's user and user-session keyrings exist.
+ */
+static int __init init_root_keyring(void)
+{
+	return install_user_keyrings();
+}
+
+late_initcall(init_root_keyring);
author	Mimi Zohar <zohar@linux.vnet.ibm.com>	2013-09-04 13:26:22 +0100
committer	David Howells <dhowells@redhat.com>	2013-09-25 17:17:01 +0100
commit	c124bde28bce41f9e46e32d03d134a81e116d38c (patch)
tree	d507bc7cf4719cff70c4623f39cbb06b0b89d01a /security
parent	09fbc47373826d67531380662b516de2da120545 (diff)