luck/tmp_suning_uos_patched
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

KEYS: refcount bug fix

Browse Source 
This patch fixes the key_ref leak, removes the unnecessary KEY_FLAG_KEEP
test before setting the flag, and cleans up the if/then brackets style
introduced in commit:
d3600bc KEYS: prevent keys from being removed from specified keyrings

Reported-by: David Howells <dhowells@redhat.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Acked-by: David Howells <dhowells@redhat.com>
This commit is contained in:
Mimi Zohar 2016-01-07 07:46:36 -05:00
parent 6427e6c71c
commit 1d6d167c2e
2 changed files with 8 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
security/keys/key.c
View File

@ -430,8 +430,7 @@ static int __key_instantiate_and_link(struct key *key,
/* and link it into the destination keyring */
if (keyring) {
if (test_bit(KEY_FLAG_KEEP, &keyring->flags))
set_bit(KEY_FLAG_KEEP, &key->flags);
set_bit(KEY_FLAG_KEEP, &key->flags);
__key_link(key, _edit);
}

17
security/keys/keyctl.c
View File

@ -381,12 +381,11 @@ long keyctl_revoke_key(key_serial_t id)
}
key = key_ref_to_ptr(key_ref);
ret = 0;
if (test_bit(KEY_FLAG_KEEP, &key->flags))
return -EPERM;
else {
ret = -EPERM;
else
key_revoke(key);
ret = 0;
}
key_ref_put(key_ref);
error:
@ -432,12 +431,11 @@ long keyctl_invalidate_key(key_serial_t id)
invalidate:
key = key_ref_to_ptr(key_ref);
ret = 0;
if (test_bit(KEY_FLAG_KEEP, &key->flags))
ret = -EPERM;
else {
else
key_invalidate(key);
ret = 0;
}
error_put:
key_ref_put(key_ref);
error:
@ -1352,12 +1350,11 @@ long keyctl_set_timeout(key_serial_t id, unsigned timeout)
okay:
key = key_ref_to_ptr(key_ref);
ret = 0;
if (test_bit(KEY_FLAG_KEEP, &key->flags))
ret = -EPERM;
else {
else
key_set_timeout(key, timeout);
ret = 0;
}
key_put(key);
error: