diff options
Diffstat (limited to 'security/keys/keyctl.c')
| -rw-r--r-- | security/keys/keyctl.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index ab0b337c84b4..365ff85d7e27 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c | |||
| @@ -766,12 +766,17 @@ long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen) | |||
| 766 | 766 | ||
| 767 | key = key_ref_to_ptr(key_ref); | 767 | key = key_ref_to_ptr(key_ref); |
| 768 | 768 | ||
| 769 | if (test_bit(KEY_FLAG_NEGATIVE, &key->flags)) { | ||
| 770 | ret = -ENOKEY; | ||
| 771 | goto error2; | ||
| 772 | } | ||
| 773 | |||
| 769 | /* see if we can read it directly */ | 774 | /* see if we can read it directly */ |
| 770 | ret = key_permission(key_ref, KEY_NEED_READ); | 775 | ret = key_permission(key_ref, KEY_NEED_READ); |
| 771 | if (ret == 0) | 776 | if (ret == 0) |
| 772 | goto can_read_key; | 777 | goto can_read_key; |
| 773 | if (ret != -EACCES) | 778 | if (ret != -EACCES) |
| 774 | goto error; | 779 | goto error2; |
| 775 | 780 | ||
| 776 | /* we can't; see if it's searchable from this process's keyrings | 781 | /* we can't; see if it's searchable from this process's keyrings |
| 777 | * - we automatically take account of the fact that it may be | 782 | * - we automatically take account of the fact that it may be |
| @@ -1406,11 +1411,9 @@ long keyctl_assume_authority(key_serial_t id) | |||
| 1406 | } | 1411 | } |
| 1407 | 1412 | ||
| 1408 | ret = keyctl_change_reqkey_auth(authkey); | 1413 | ret = keyctl_change_reqkey_auth(authkey); |
| 1409 | if (ret < 0) | 1414 | if (ret == 0) |
| 1410 | goto error; | 1415 | ret = authkey->serial; |
| 1411 | key_put(authkey); | 1416 | key_put(authkey); |
| 1412 | |||
| 1413 | ret = authkey->serial; | ||
| 1414 | error: | 1417 | error: |
| 1415 | return ret; | 1418 | return ret; |
| 1416 | } | 1419 | } |