From 826bb826274e48c867b41cb948d031a423373901 Mon Sep 17 00:00:00 2001
From: Yadavendra Yadav <yadayada@in.ibm.com>
Date: Wed, 15 Apr 2020 05:33:00 -0500
Subject: [PATCH] LINUX: Copy session keys to parent in SetToken

Commit 48589b5d (Linux: Restore aklog -setpag functionality for kernel
2.6.32+) added code to SetToken() to copy our session keyring to the
parent process, in order to implement -setpag functionality. But this
was removed from SetToken() in commit 1a6d4c16 (Linux: fix aklog
-setpag to work with ktc_SetTokenEx), when the same code was moved to
ktc_SetTokenEx().

Add this code back to SetTokens(), so -setpag functionality can work
again with utilities that use older functions like ktc_SetToken, like
'klog'.

Change-Id: I68c9bf2e19783ea6f84b4c5ebf2ef188d1d8d6ad
Reviewed-on: https://gerrit.openafs.org/14146
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
---
 src/auth/ktc.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/auth/ktc.c b/src/auth/ktc.c
index 27e5a2abb8..c04bc863b8 100644
--- a/src/auth/ktc.c
+++ b/src/auth/ktc.c
@@ -297,6 +297,15 @@ SetToken(struct ktc_principal *aserver, struct ktc_token *atoken,
 #endif /* NO_AFS_CLIENT */
     if (code)
 	return KTC_PIOCTLFAIL;
+#if defined(AFS_LINUX26_ENV) && defined(SYS_keyctl)
+    else
+        /*
+         * If we're using keyring based PAGs and the SESSION_TO_PARENT keyctl
+         * is available, use it to copy the session keyring to the parent process
+         */
+        if (flags & AFS_SETTOK_SETPAG)
+            syscall(SYS_keyctl, KEYCTL_SESSION_TO_PARENT);
+#endif
     return 0;
 }