aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2009-09-16 10:54:14 -0400
committerJames Morris <jmorris@namei.org>2009-09-23 14:03:47 -0400
commit606531c316d30e9639473a6da09ee917125ab467 (patch)
treeb83f3d8d82597401bdee6a451facaa5c2de006d1 /security
parent0afd9056f1b43c9fcbfdf933b263d72023d382fe (diff)
KEYS: Have the garbage collector set its timer for live expired keys
The key garbage collector sets a timer to start a new collection cycle at the point the earliest key to expire should be considered garbage. However, it currently only does this if the key it is considering hasn't yet expired. If the key being considering has expired, but hasn't yet reached the collection time then it is ignored, and won't be collected until some other key provokes a round of collection. Make the garbage collector set the timer for the earliest key that hasn't yet passed its collection time, rather than the earliest key that hasn't yet expired. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r--security/keys/gc.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/security/keys/gc.c b/security/keys/gc.c
index 485fc6233c38..4770be375ffe 100644
--- a/security/keys/gc.c
+++ b/security/keys/gc.c
@@ -169,9 +169,9 @@ static void key_garbage_collector(struct work_struct *work)
169 169
170 /* trawl through the keys looking for keyrings */ 170 /* trawl through the keys looking for keyrings */
171 for (;;) { 171 for (;;) {
172 if (key->expiry > now && key->expiry < new_timer) { 172 if (key->expiry > limit && key->expiry < new_timer) {
173 kdebug("will expire %x in %ld", 173 kdebug("will expire %x in %ld",
174 key_serial(key), key->expiry - now); 174 key_serial(key), key->expiry - limit);
175 new_timer = key->expiry; 175 new_timer = key->expiry;
176 } 176 }
177 177