aboutsummaryrefslogtreecommitdiffstats
path: root/security/keys/key.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/keys/key.c')
-rw-r--r--security/keys/key.c24
1 files changed, 18 insertions, 6 deletions
diff --git a/security/keys/key.c b/security/keys/key.c
index 1fdfccb3fe43..3304d37bb379 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -1,6 +1,6 @@
1/* key.c: basic authentication token and access key management 1/* key.c: basic authentication token and access key management
2 * 2 *
3 * Copyright (C) 2004 Red Hat, Inc. All Rights Reserved. 3 * Copyright (C) 2004-5 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com) 4 * Written by David Howells (dhowells@redhat.com)
5 * 5 *
6 * This program is free software; you can redistribute it and/or 6 * This program is free software; you can redistribute it and/or
@@ -391,7 +391,8 @@ EXPORT_SYMBOL(key_payload_reserve);
391static int __key_instantiate_and_link(struct key *key, 391static int __key_instantiate_and_link(struct key *key,
392 const void *data, 392 const void *data,
393 size_t datalen, 393 size_t datalen,
394 struct key *keyring) 394 struct key *keyring,
395 struct key *instkey)
395{ 396{
396 int ret, awaken; 397 int ret, awaken;
397 398
@@ -419,6 +420,10 @@ static int __key_instantiate_and_link(struct key *key,
419 /* and link it into the destination keyring */ 420 /* and link it into the destination keyring */
420 if (keyring) 421 if (keyring)
421 ret = __key_link(keyring, key); 422 ret = __key_link(keyring, key);
423
424 /* disable the authorisation key */
425 if (instkey)
426 key_revoke(instkey);
422 } 427 }
423 } 428 }
424 429
@@ -439,19 +444,21 @@ static int __key_instantiate_and_link(struct key *key,
439int key_instantiate_and_link(struct key *key, 444int key_instantiate_and_link(struct key *key,
440 const void *data, 445 const void *data,
441 size_t datalen, 446 size_t datalen,
442 struct key *keyring) 447 struct key *keyring,
448 struct key *instkey)
443{ 449{
444 int ret; 450 int ret;
445 451
446 if (keyring) 452 if (keyring)
447 down_write(&keyring->sem); 453 down_write(&keyring->sem);
448 454
449 ret = __key_instantiate_and_link(key, data, datalen, keyring); 455 ret = __key_instantiate_and_link(key, data, datalen, keyring, instkey);
450 456
451 if (keyring) 457 if (keyring)
452 up_write(&keyring->sem); 458 up_write(&keyring->sem);
453 459
454 return ret; 460 return ret;
461
455} /* end key_instantiate_and_link() */ 462} /* end key_instantiate_and_link() */
456 463
457EXPORT_SYMBOL(key_instantiate_and_link); 464EXPORT_SYMBOL(key_instantiate_and_link);
@@ -462,7 +469,8 @@ EXPORT_SYMBOL(key_instantiate_and_link);
462 */ 469 */
463int key_negate_and_link(struct key *key, 470int key_negate_and_link(struct key *key,
464 unsigned timeout, 471 unsigned timeout,
465 struct key *keyring) 472 struct key *keyring,
473 struct key *instkey)
466{ 474{
467 struct timespec now; 475 struct timespec now;
468 int ret, awaken; 476 int ret, awaken;
@@ -495,6 +503,10 @@ int key_negate_and_link(struct key *key,
495 /* and link it into the destination keyring */ 503 /* and link it into the destination keyring */
496 if (keyring) 504 if (keyring)
497 ret = __key_link(keyring, key); 505 ret = __key_link(keyring, key);
506
507 /* disable the authorisation key */
508 if (instkey)
509 key_revoke(instkey);
498 } 510 }
499 511
500 up_write(&key_construction_sem); 512 up_write(&key_construction_sem);
@@ -781,7 +793,7 @@ struct key *key_create_or_update(struct key *keyring,
781 } 793 }
782 794
783 /* instantiate it and link it into the target keyring */ 795 /* instantiate it and link it into the target keyring */
784 ret = __key_instantiate_and_link(key, payload, plen, keyring); 796 ret = __key_instantiate_and_link(key, payload, plen, keyring, NULL);
785 if (ret < 0) { 797 if (ret < 0) {
786 key_put(key); 798 key_put(key);
787 key = ERR_PTR(ret); 799 key = ERR_PTR(ret);
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-21 04:43:57 -0500