diff options
| author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2016-01-07 07:46:36 -0500 |
|---|---|---|
| committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2016-01-07 12:56:42 -0500 |
| commit | 1d6d167c2efcfe9539d9cffb1a1be9c92e39c2c0 (patch) | |
| tree | f875b8a19d539701b31ea4ffce40eee77c701103 | |
| parent | 6427e6c71c8b374761b661c4f355762794c171a1 (diff) | |
KEYS: refcount bug fix
This patch fixes the key_ref leak, removes the unnecessary KEY_FLAG_KEEP
test before setting the flag, and cleans up the if/then brackets style
introduced in commit:
d3600bc KEYS: prevent keys from being removed from specified keyrings
Reported-by: David Howells <dhowells@redhat.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Acked-by: David Howells <dhowells@redhat.com>
| -rw-r--r-- | security/keys/key.c | 3 | ||||
| -rw-r--r-- | security/keys/keyctl.c | 17 |
2 files changed, 8 insertions, 12 deletions
diff --git a/security/keys/key.c b/security/keys/key.c index 09ef276c4bdc..07a87311055c 100644 --- a/security/keys/key.c +++ b/security/keys/key.c | |||
| @@ -430,8 +430,7 @@ static int __key_instantiate_and_link(struct key *key, | |||
| 430 | 430 | ||
| 431 | /* and link it into the destination keyring */ | 431 | /* and link it into the destination keyring */ |
| 432 | if (keyring) { | 432 | if (keyring) { |
| 433 | if (test_bit(KEY_FLAG_KEEP, &keyring->flags)) | 433 | set_bit(KEY_FLAG_KEEP, &key->flags); |
| 434 | set_bit(KEY_FLAG_KEEP, &key->flags); | ||
| 435 | 434 | ||
| 436 | __key_link(key, _edit); | 435 | __key_link(key, _edit); |
| 437 | } | 436 | } |
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index e83ec6b9eb9d..8f9f323f372b 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c | |||
| @@ -381,12 +381,11 @@ long keyctl_revoke_key(key_serial_t id) | |||
| 381 | } | 381 | } |
| 382 | 382 | ||
| 383 | key = key_ref_to_ptr(key_ref); | 383 | key = key_ref_to_ptr(key_ref); |
| 384 | ret = 0; | ||
| 384 | if (test_bit(KEY_FLAG_KEEP, &key->flags)) | 385 | if (test_bit(KEY_FLAG_KEEP, &key->flags)) |
| 385 | return -EPERM; | 386 | ret = -EPERM; |
| 386 | else { | 387 | else |
| 387 | key_revoke(key); | 388 | key_revoke(key); |
| 388 | ret = 0; | ||
| 389 | } | ||
| 390 | 389 | ||
| 391 | key_ref_put(key_ref); | 390 | key_ref_put(key_ref); |
| 392 | error: | 391 | error: |
| @@ -432,12 +431,11 @@ long keyctl_invalidate_key(key_serial_t id) | |||
| 432 | 431 | ||
| 433 | invalidate: | 432 | invalidate: |
| 434 | key = key_ref_to_ptr(key_ref); | 433 | key = key_ref_to_ptr(key_ref); |
| 434 | ret = 0; | ||
| 435 | if (test_bit(KEY_FLAG_KEEP, &key->flags)) | 435 | if (test_bit(KEY_FLAG_KEEP, &key->flags)) |
| 436 | ret = -EPERM; | 436 | ret = -EPERM; |
| 437 | else { | 437 | else |
| 438 | key_invalidate(key); | 438 | key_invalidate(key); |
| 439 | ret = 0; | ||
| 440 | } | ||
| 441 | error_put: | 439 | error_put: |
| 442 | key_ref_put(key_ref); | 440 | key_ref_put(key_ref); |
| 443 | error: | 441 | error: |
| @@ -1352,12 +1350,11 @@ long keyctl_set_timeout(key_serial_t id, unsigned timeout) | |||
| 1352 | 1350 | ||
| 1353 | okay: | 1351 | okay: |
| 1354 | key = key_ref_to_ptr(key_ref); | 1352 | key = key_ref_to_ptr(key_ref); |
| 1353 | ret = 0; | ||
| 1355 | if (test_bit(KEY_FLAG_KEEP, &key->flags)) | 1354 | if (test_bit(KEY_FLAG_KEEP, &key->flags)) |
| 1356 | ret = -EPERM; | 1355 | ret = -EPERM; |
| 1357 | else { | 1356 | else |
| 1358 | key_set_timeout(key, timeout); | 1357 | key_set_timeout(key, timeout); |
| 1359 | ret = 0; | ||
| 1360 | } | ||
| 1361 | key_put(key); | 1358 | key_put(key); |
| 1362 | 1359 | ||
| 1363 | error: | 1360 | error: |