1 files changed, 11 insertions, 7 deletions

diff --git a/security/keys/key.c b/security/keys/key.c
index 99781b798312..a057e3311aad 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -1,6 +1,6 @@
 /* key.c: basic authentication token and access key management
  *
- * Copyright (C) 2004 Red Hat, Inc. All Rights Reserved.
+ * Copyright (C) 2004-6 Red Hat, Inc. All Rights Reserved.
  * Written by David Howells (dhowells@redhat.com)
  *
  * This program is free software; you can redistribute it and/or
@@ -271,7 +271,7 @@ struct key *key_alloc(struct key_type *type, const char *desc,
          * its description */
         if (!not_in_quota) {
                 spin_lock(&user->lock);
-                if (user->qnkeys + 1 >= KEYQUOTA_MAX_KEYS &&
+                if (user->qnkeys + 1 >= KEYQUOTA_MAX_KEYS ||
                     user->qnbytes + quotalen >= KEYQUOTA_MAX_BYTES
                     )
                         goto no_quota;
@@ -795,12 +795,16 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref,
                 goto error_3;
         }
 
-        /* search for an existing key of the same type and description in the
-         * destination keyring
+        /* if it's possible to update this type of key, search for an existing
+         * key of the same type and description in the destination keyring and
+         * update that instead if possible
          */
-        key_ref = __keyring_search_one(keyring_ref, ktype, description, 0);
-        if (!IS_ERR(key_ref))
-                goto found_matching_key;
+        if (ktype->update) {
+                key_ref = __keyring_search_one(keyring_ref, ktype, description,
+                                               0);
+                if (!IS_ERR(key_ref))
+                        goto found_matching_key;
+        }
 
         /* decide on the permissions we want */
         perm = KEY_POS_VIEW | KEY_POS_SEARCH | KEY_POS_LINK | KEY_POS_SETATTR;