11 files changed, 64 insertions, 36 deletions

diff --git a/Documentation/assoc_array.txt b/Documentation/assoc_array.txt
index f4faec0f66e4..2f2c6cdd73c0 100644
--- a/Documentation/assoc_array.txt
+++ b/Documentation/assoc_array.txt
@@ -164,10 +164,10 @@ This points to a number of methods, all of which need to be provided:
 
  (4) Diff the index keys of two objects.
 
-        int (*diff_objects)(const void *a, const void *b);
+        int (*diff_objects)(const void *object, const void *index_key);
 
-     Return the bit position at which the index keys of two objects differ or
-     -1 if they are the same.
+     Return the bit position at which the index key of the specified object
+     differs from the given index key or -1 if they are the same.
 
 
  (5) Free an object.
diff --git a/include/linux/assoc_array.h b/include/linux/assoc_array.h
index 9a193b84238a..a89df3be1686 100644
--- a/include/linux/assoc_array.h
+++ b/include/linux/assoc_array.h
@@ -41,10 +41,10 @@ struct assoc_array_ops {
         /* Is this the object we're looking for? */
         bool (*compare_object)(const void *object, const void *index_key);
 
-        /* How different are two objects, to a bit position in their keys? (or
-         * -1 if they're the same)
+        /* How different is an object from an index key, to a bit position in
+         * their keys? (or -1 if they're the same)
          */
-        int (*diff_objects)(const void *a, const void *b);
+        int (*diff_objects)(const void *object, const void *index_key);
 
         /* Method to free an object. */
         void (*free_object)(void *object);
diff --git a/include/linux/shmem_fs.h b/include/linux/shmem_fs.h
index 30aa0dc60d75..9d55438bc4ad 100644
--- a/include/linux/shmem_fs.h
+++ b/include/linux/shmem_fs.h
@@ -47,6 +47,8 @@ extern int shmem_init(void);
 extern int shmem_fill_super(struct super_block *sb, void *data, int silent);
 extern struct file *shmem_file_setup(const char *name,
                                         loff_t size, unsigned long flags);
+extern struct file *shmem_kernel_file_setup(const char *name, loff_t size,
+                                            unsigned long flags);
 extern int shmem_zero_setup(struct vm_area_struct *);
 extern int shmem_lock(struct file *file, int lock, struct user_struct *user);
 extern void shmem_unlock_mapping(struct address_space *mapping);
diff --git a/kernel/.gitignore b/kernel/.gitignore
index b3097bde4e9c..790d83c7d160 100644
--- a/kernel/.gitignore
+++ b/kernel/.gitignore
@@ -5,3 +5,4 @@ config_data.h
 config_data.gz
 timeconst.h
 hz.bc
+x509_certificate_list
diff --git a/kernel/system_certificates.S b/kernel/system_certificates.S
index 4aef390671cb..3e9868d47535 100644
--- a/kernel/system_certificates.S
+++ b/kernel/system_certificates.S
@@ -3,8 +3,18 @@
 
         __INITRODATA
 
+        .align 8
         .globl VMLINUX_SYMBOL(system_certificate_list)
 VMLINUX_SYMBOL(system_certificate_list):
+__cert_list_start:
         .incbin "kernel/x509_certificate_list"
-        .globl VMLINUX_SYMBOL(system_certificate_list_end)
-VMLINUX_SYMBOL(system_certificate_list_end):
+__cert_list_end:
+
+        .align 8
+        .globl VMLINUX_SYMBOL(system_certificate_list_size)
+VMLINUX_SYMBOL(system_certificate_list_size):
+#ifdef CONFIG_64BIT
+        .quad __cert_list_end - __cert_list_start
+#else
+        .long __cert_list_end - __cert_list_start
+#endif
diff --git a/kernel/system_keyring.c b/kernel/system_keyring.c
index 564dd93430a2..52ebc70263f4 100644
--- a/kernel/system_keyring.c
+++ b/kernel/system_keyring.c
@@ -22,7 +22,7 @@ struct key *system_trusted_keyring;
 EXPORT_SYMBOL_GPL(system_trusted_keyring);
 
 extern __initconst const u8 system_certificate_list[];
-extern __initconst const u8 system_certificate_list_end[];
+extern __initconst const unsigned long system_certificate_list_size;
 
 /*
  * Load the compiled-in keys
@@ -60,8 +60,8 @@ static __init int load_system_certificate_list(void)
 
         pr_notice("Loading compiled-in X.509 certificates\n");
 
-        end = system_certificate_list_end;
         p = system_certificate_list;
+        end = p + system_certificate_list_size;
         while (p < end) {
                 /* Each cert begins with an ASN.1 SEQUENCE tag and must be more
                  * than 256 bytes in size.
diff --git a/lib/assoc_array.c b/lib/assoc_array.c
index 17edeaf19180..1b6a44f1ec3e 100644
--- a/lib/assoc_array.c
+++ b/lib/assoc_array.c
@@ -759,8 +759,8 @@ all_leaves_cluster_together:
         pr_devel("all leaves cluster together\n");
         diff = INT_MAX;
         for (i = 0; i < ASSOC_ARRAY_FAN_OUT; i++) {
-                int x = ops->diff_objects(assoc_array_ptr_to_leaf(edit->leaf),
-                                          assoc_array_ptr_to_leaf(node->slots[i]));
+                int x = ops->diff_objects(assoc_array_ptr_to_leaf(node->slots[i]),
+                                          index_key);
                 if (x < diff) {
                         BUG_ON(x < 0);
                         diff = x;
diff --git a/mm/shmem.c b/mm/shmem.c
index 8297623fcaed..902a14842b74 100644
--- a/mm/shmem.c
+++ b/mm/shmem.c
@@ -2918,13 +2918,8 @@ static struct dentry_operations anon_ops = {
         .d_dname = simple_dname
 };
 
-/**
- * shmem_file_setup - get an unlinked file living in tmpfs
- * @name: name for dentry (to be seen in /proc/<pid>/maps
- * @size: size to be set for the file
- * @flags: VM_NORESERVE suppresses pre-accounting of the entire object size
- */
-struct file *shmem_file_setup(const char *name, loff_t size, unsigned long flags)
+static struct file *__shmem_file_setup(const char *name, loff_t size,
+                                       unsigned long flags, unsigned int i_flags)
 {
         struct file *res;
         struct inode *inode;
@@ -2957,6 +2952,7 @@ struct file *shmem_file_setup(const char *name, loff_t size, unsigned long flags
         if (!inode)
                 goto put_dentry;
 
+        inode->i_flags |= i_flags;
         d_instantiate(path.dentry, inode);
         inode->i_size = size;
         clear_nlink(inode);     /* It is unlinked */
@@ -2977,6 +2973,32 @@ put_memory:
         shmem_unacct_size(flags, size);
         return res;
 }
+
+/**
+ * shmem_kernel_file_setup - get an unlinked file living in tmpfs which must be
+ *      kernel internal.  There will be NO LSM permission checks against the
+ *      underlying inode.  So users of this interface must do LSM checks at a
+ *      higher layer.  The one user is the big_key implementation.  LSM checks
+ *      are provided at the key level rather than the inode level.
+ * @name: name for dentry (to be seen in /proc/<pid>/maps
+ * @size: size to be set for the file
+ * @flags: VM_NORESERVE suppresses pre-accounting of the entire object size
+ */
+struct file *shmem_kernel_file_setup(const char *name, loff_t size, unsigned long flags)
+{
+        return __shmem_file_setup(name, size, flags, S_PRIVATE);
+}
+
+/**
+ * shmem_file_setup - get an unlinked file living in tmpfs
+ * @name: name for dentry (to be seen in /proc/<pid>/maps
+ * @size: size to be set for the file
+ * @flags: VM_NORESERVE suppresses pre-accounting of the entire object size
+ */
+struct file *shmem_file_setup(const char *name, loff_t size, unsigned long flags)
+{
+        return __shmem_file_setup(name, size, flags, 0);
+}
 EXPORT_SYMBOL_GPL(shmem_file_setup);
 
 /**
diff --git a/security/keys/big_key.c b/security/keys/big_key.c
index 7f44c3207a9b..8137b27d641d 100644
--- a/security/keys/big_key.c
+++ b/security/keys/big_key.c
@@ -70,7 +70,7 @@ int big_key_instantiate(struct key *key, struct key_preparsed_payload *prep)
                  *
                  * TODO: Encrypt the stored data with a temporary key.
                  */
-                file = shmem_file_setup("", datalen, 0);
+                file = shmem_kernel_file_setup("", datalen, 0);
                 if (IS_ERR(file)) {
                         ret = PTR_ERR(file);
                         goto err_quota;
diff --git a/security/keys/key.c b/security/keys/key.c
index 55d110f0aced..6e21c11e48bc 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -272,7 +272,7 @@ struct key *key_alloc(struct key_type *type, const char *desc,
         }
 
         /* allocate and initialise the key and its description */
-        key = kmem_cache_alloc(key_jar, GFP_KERNEL);
+        key = kmem_cache_zalloc(key_jar, GFP_KERNEL);
         if (!key)
                 goto no_memory_2;
 
@@ -293,18 +293,12 @@ struct key *key_alloc(struct key_type *type, const char *desc,
         key->uid = uid;
         key->gid = gid;
         key->perm = perm;
-        key->flags = 0;
-        key->expiry = 0;
-        key->payload.data = NULL;
-        key->security = NULL;
 
         if (!(flags & KEY_ALLOC_NOT_IN_QUOTA))
                 key->flags |= 1 << KEY_FLAG_IN_QUOTA;
         if (flags & KEY_ALLOC_TRUSTED)
                 key->flags |= 1 << KEY_FLAG_TRUSTED;
 
-        memset(&key->type_data, 0, sizeof(key->type_data));
-
 #ifdef KEY_DEBUGGING
         key->magic = KEY_DEBUG_MAGIC;
 #endif
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index 69f0cb7bab7e..d46cbc5e335e 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -160,7 +160,7 @@ static u64 mult_64x32_and_fold(u64 x, u32 y)
 static unsigned long hash_key_type_and_desc(const struct keyring_index_key *index_key)
 {
         const unsigned level_shift = ASSOC_ARRAY_LEVEL_STEP;
-        const unsigned long level_mask = ASSOC_ARRAY_LEVEL_STEP_MASK;
+        const unsigned long fan_mask = ASSOC_ARRAY_FAN_MASK;
         const char *description = index_key->description;
         unsigned long hash, type;
         u32 piece;
@@ -194,10 +194,10 @@ static unsigned long hash_key_type_and_desc(const struct keyring_index_key *inde
          * ordinary keys by making sure the lowest level segment in the hash is
          * zero for keyrings and non-zero otherwise.
          */
-        if (index_key->type != &key_type_keyring && (hash & level_mask) == 0)
+        if (index_key->type != &key_type_keyring && (hash & fan_mask) == 0)
                 return hash | (hash >> (ASSOC_ARRAY_KEY_CHUNK_SIZE - level_shift)) | 1;
-        if (index_key->type == &key_type_keyring && (hash & level_mask) != 0)
-                return (hash + (hash << level_shift)) & ~level_mask;
+        if (index_key->type == &key_type_keyring && (hash & fan_mask) != 0)
+                return (hash + (hash << level_shift)) & ~fan_mask;
         return hash;
 }
 
@@ -279,12 +279,11 @@ static bool keyring_compare_object(const void *object, const void *data)
  * Compare the index keys of a pair of objects and determine the bit position
  * at which they differ - if they differ.
  */
-static int keyring_diff_objects(const void *_a, const void *_b)
+static int keyring_diff_objects(const void *object, const void *data)
 {
-        const struct key *key_a = keyring_ptr_to_key(_a);
-        const struct key *key_b = keyring_ptr_to_key(_b);
+        const struct key *key_a = keyring_ptr_to_key(object);
         const struct keyring_index_key *a = &key_a->index_key;
-        const struct keyring_index_key *b = &key_b->index_key;
+        const struct keyring_index_key *b = data;
         unsigned long seg_a, seg_b;
         int level, i;
 
@@ -691,8 +690,8 @@ descend_to_node:
                 smp_read_barrier_depends();
                 ptr = ACCESS_ONCE(shortcut->next_node);
                 BUG_ON(!assoc_array_ptr_is_node(ptr));
-                node = assoc_array_ptr_to_node(ptr);
         }
+        node = assoc_array_ptr_to_node(ptr);
 
 begin_node:
         kdebug("begin_node");