Eric Biggers f812bec554 KEYS: allow reaching the keys quotas exactly ... commit a08bf91ce2 upstream. If the sysctl 'kernel.keys.maxkeys' is set to some number n, then actually users can only add up to 'n - 1' keys. Likewise for 'kernel.keys.maxbytes' and the root_* versions of these sysctls. But these sysctls are apparently supposed to be *maximums*, as per their names and all documentation I could find -- the keyrings(7) man page, Documentation/security/keys/core.rst, and all the mentions of EDQUOT meaning that the key quota was *exceeded* (as opposed to reached). Thus, fix the code to allow reaching the quotas exactly. Fixes: 0b77f5bfb4 ("keys: make the keyring quotas controllable through /proc/sys") Cc: stable@vger.kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <james.morris@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2019-02-27 10:08:50 +01:00
..
apparmor	apparmor: Fix uninitialized value in aa_split_fqname	2018-11-27 16:13:00 +01:00
integrity	ima: open a new file instance if no read permissions	2018-11-13 11:08:46 -08:00
keys	KEYS: allow reaching the keys quotas exactly	2019-02-27 10:08:50 +01:00
loadpin
selinux	selinux: always allow mounting submounts	2019-01-26 09:32:36 +01:00
smack	smack: fix access permissions for keyring	2019-02-12 19:47:05 +01:00
tomoyo
yama	Yama: Check for pid death before checking ancestry	2019-01-22 21:40:32 +01:00
commoncap.c
device_cgroup.c
inode.c
Kconfig	Revert "x86/mm/legacy: Populate the user page-table with user pgd's"	2018-09-14 17:08:45 +02:00
lsm_audit.c
Makefile
min_addr.c
security.c	LSM: Check for NULL cred-security on free	2019-01-22 21:40:35 +01:00