1 files changed, 4 insertions, 4 deletions
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index 2fb2576dc644..9cf2575f0d97 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -541,7 +541,7 @@ static int keyring_search_iterator(const void *object, void *iterator_data)
        /* key must have search permissions */
        if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM) &&
            key_task_permission(make_key_ref(key, ctx->possessed),
-                                ctx->cred, KEY_SEARCH) < 0) {
+                                ctx->cred, KEY_NEED_SEARCH) < 0) {
                ctx->result = ERR_PTR(-EACCES);
                kleave(" = %d [!perm]", ctx->skipped_ret);
                goto skipped;
@@ -721,7 +721,7 @@ ascend_to_node:
                /* Search a nested keyring */
                if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM) &&
                    key_task_permission(make_key_ref(key, ctx->possessed),
-                                        ctx->cred, KEY_SEARCH) < 0)
+                                        ctx->cred, KEY_NEED_SEARCH) < 0)
                        continue;
                /* stack the current position */
@@ -843,7 +843,7 @@ key_ref_t keyring_search_aux(key_ref_t keyring_ref,
                return ERR_PTR(-ENOTDIR);
        if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM)) {
-                err = key_task_permission(keyring_ref, ctx->cred, KEY_SEARCH);
+                err = key_task_permission(keyring_ref, ctx->cred, KEY_NEED_SEARCH);
                if (err < 0)
                        return ERR_PTR(err);
        }
@@ -973,7 +973,7 @@ struct key *find_keyring_by_name(const char *name, bool skip_perm_check)
                        if (!skip_perm_check &&
                            key_permission(make_key_ref(keyring, 0),
-                                           KEY_SEARCH) < 0)
+                                           KEY_NEED_SEARCH) < 0)
                                continue;
                        /* we've got a match but we might end up racing with

diff --git a/security/keys/keyring.c b/security/keys/keyring.c index 2fb2576dc644..9cf2575f0d97 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c
@@ -541,7 +541,7 @@ static int keyring_search_iterator(const void object, void iterator_data)
541	/* key must have search permissions */	541	/* key must have search permissions */
542	if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM) &&	542	if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM) &&
543	key_task_permission(make_key_ref(key, ctx->possessed),	543	key_task_permission(make_key_ref(key, ctx->possessed),
544	ctx->cred, KEY_SEARCH) < 0) {	544	ctx->cred, KEY_NEED_SEARCH) < 0) {
545	ctx->result = ERR_PTR(-EACCES);	545	ctx->result = ERR_PTR(-EACCES);
546	kleave(" = %d [!perm]", ctx->skipped_ret);	546	kleave(" = %d [!perm]", ctx->skipped_ret);
547	goto skipped;	547	goto skipped;
@@ -721,7 +721,7 @@ ascend_to_node:
721	/* Search a nested keyring */	721	/* Search a nested keyring */
722	if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM) &&	722	if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM) &&
723	key_task_permission(make_key_ref(key, ctx->possessed),	723	key_task_permission(make_key_ref(key, ctx->possessed),
724	ctx->cred, KEY_SEARCH) < 0)	724	ctx->cred, KEY_NEED_SEARCH) < 0)
725	continue;	725	continue;
726		726
727	/* stack the current position */	727	/* stack the current position */
@@ -843,7 +843,7 @@ key_ref_t keyring_search_aux(key_ref_t keyring_ref,
843	return ERR_PTR(-ENOTDIR);	843	return ERR_PTR(-ENOTDIR);
844		844
845	if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM)) {	845	if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM)) {
846	err = key_task_permission(keyring_ref, ctx->cred, KEY_SEARCH);	846	err = key_task_permission(keyring_ref, ctx->cred, KEY_NEED_SEARCH);
847	if (err < 0)	847	if (err < 0)
848	return ERR_PTR(err);	848	return ERR_PTR(err);
849	}	849	}
@@ -973,7 +973,7 @@ struct key find_keyring_by_name(const char name, bool skip_perm_check)
973		973
974	if (!skip_perm_check &&	974	if (!skip_perm_check &&
975	key_permission(make_key_ref(keyring, 0),	975	key_permission(make_key_ref(keyring, 0),
976	KEY_SEARCH) < 0)	976	KEY_NEED_SEARCH) < 0)
977	continue;	977	continue;
978		978
979	/* we've got a match but we might end up racing with	979	/* we've got a match but we might end up racing with