Merge 4.14-rc4 into staging-next

We want the staging/iio fixes in here as well to handle merge issues. Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2017-10-09 03:02:35 -0400
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2017-10-09 03:02:35 -0400
commit: 1236d6bb6e19fc72ffc6bbcdeb1bfefe450e54ee (patch)
tree: 47da3feee8e263e8c9352c85cf518e624be3c211 /security/keys/request_key_auth.c
parent: 750b1a6894ecc9b178c6e3d0a1170122971b2036 (diff)
parent: 8a5776a5f49812d29fe4b2d0a2d71675c3facf3f (diff)
1 files changed, 33 insertions, 41 deletions
diff --git a/security/keys/request_key_auth.c b/security/keys/request_key_auth.c
index afe9d22ab361..6ebf1af8fce9 100644
--- a/security/keys/request_key_auth.c
+++ b/security/keys/request_key_auth.c
@@ -120,6 +120,18 @@ static void request_key_auth_revoke(struct key *key)
        }
 }
+static void free_request_key_auth(struct request_key_auth *rka)
+{
+        if (!rka)
+                return;
+        key_put(rka->target_key);
+        key_put(rka->dest_keyring);
+        if (rka->cred)
+                put_cred(rka->cred);
+        kfree(rka->callout_info);
+        kfree(rka);
+}
 /*
 * Destroy an instantiation authorisation token key.
 */
@@ -129,15 +141,7 @@ static void request_key_auth_destroy(struct key *key)
        kenter("{%d}", key->serial);
-        if (rka->cred) {
+        free_request_key_auth(rka);
-                put_cred(rka->cred);
-                rka->cred = NULL;
-        }
-        key_put(rka->target_key);
-        key_put(rka->dest_keyring);
-        kfree(rka->callout_info);
-        kfree(rka);
 }
 /*
@@ -151,22 +155,18 @@ struct key *request_key_auth_new(struct key *target, const void *callout_info,
        const struct cred *cred = current->cred;
        struct key *authkey = NULL;
        char desc[20];
-        int ret;
+        int ret = -ENOMEM;
        kenter("%d,", target->serial);
        /* allocate a auth record */
-        rka = kmalloc(sizeof(*rka), GFP_KERNEL);
+        rka = kzalloc(sizeof(*rka), GFP_KERNEL);
-        if (!rka) {
+        if (!rka)
-                kleave(" = -ENOMEM");
+                goto error;
-                return ERR_PTR(-ENOMEM);
+        rka->callout_info = kmemdup(callout_info, callout_len, GFP_KERNEL);
-        }
+        if (!rka->callout_info)
-        rka->callout_info = kmalloc(callout_len, GFP_KERNEL);
+                goto error_free_rka;
-        if (!rka->callout_info) {
+        rka->callout_len = callout_len;
-                kleave(" = -ENOMEM");
-                kfree(rka);
-                return ERR_PTR(-ENOMEM);
-        }
        /* see if the calling process is already servicing the key request of
         * another process */
@@ -176,8 +176,12 @@ struct key *request_key_auth_new(struct key *target, const void *callout_info,
                /* if the auth key has been revoked, then the key we're
                 * servicing is already instantiated */
-                if (test_bit(KEY_FLAG_REVOKED, &cred->request_key_auth->flags))
+                if (test_bit(KEY_FLAG_REVOKED,
-                        goto auth_key_revoked;
+                             &cred->request_key_auth->flags)) {
+                        up_read(&cred->request_key_auth->sem);
+                        ret = -EKEYREVOKED;
+                        goto error_free_rka;
+                }
                irka = cred->request_key_auth->payload.data[0];
                rka->cred = get_cred(irka->cred);
@@ -193,8 +197,6 @@ struct key *request_key_auth_new(struct key *target, const void *callout_info,
        rka->target_key = key_get(target);
        rka->dest_keyring = key_get(dest_keyring);
-        memcpy(rka->callout_info, callout_info, callout_len);
-        rka->callout_len = callout_len;
        /* allocate the auth key */
        sprintf(desc, "%x", target->serial);
@@ -205,32 +207,22 @@ struct key *request_key_auth_new(struct key *target, const void *callout_info,
                            KEY_USR_VIEW, KEY_ALLOC_NOT_IN_QUOTA, NULL);
        if (IS_ERR(authkey)) {
                ret = PTR_ERR(authkey);
-                goto error_alloc;
+                goto error_free_rka;
        }
        /* construct the auth key */
        ret = key_instantiate_and_link(authkey, rka, 0, NULL, NULL);
        if (ret < 0)
-                goto error_inst;
+                goto error_put_authkey;
        kleave(" = {%d,%d}", authkey->serial, refcount_read(&authkey->usage));
        return authkey;
-auth_key_revoked:
+error_put_authkey:
-        up_read(&cred->request_key_auth->sem);
-        kfree(rka->callout_info);
-        kfree(rka);
-        kleave("= -EKEYREVOKED");
-        return ERR_PTR(-EKEYREVOKED);
-error_inst:
-        key_revoke(authkey);
        key_put(authkey);
-error_alloc:
+error_free_rka:
-        key_put(rka->target_key);
+        free_request_key_auth(rka);
-        key_put(rka->dest_keyring);
+error:
-        kfree(rka->callout_info);
-        kfree(rka);
        kleave("= %d", ret);
        return ERR_PTR(ret);
 }
author	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2017-10-09 03:02:35 -0400
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2017-10-09 03:02:35 -0400
commit	1236d6bb6e19fc72ffc6bbcdeb1bfefe450e54ee (patch)
tree	47da3feee8e263e8c9352c85cf518e624be3c211 /security/keys/request_key_auth.c
parent	750b1a6894ecc9b178c6e3d0a1170122971b2036 (diff)
parent	8a5776a5f49812d29fe4b2d0a2d71675c3facf3f (diff)