1 files changed, 19 insertions, 58 deletions
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index 60924f6a52db..83ec98b7e98d 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -46,7 +46,6 @@ static int key_get_type_from_user(char *type,
        return 0;
 }
-/*****************************************************************************/
 /*
 * extract the description of a new key from userspace and either add it as a
 * new key to the specified keyring or update a matching key in that keyring
@@ -132,10 +131,8 @@ SYSCALL_DEFINE5(add_key, const char __user *, _type,
        kfree(description);
 error:
        return ret;
+}
-} /* end sys_add_key() */
-/*****************************************************************************/
 /*
 * search the process keyrings for a matching key
 * - nested keyrings may also be searched if they have Search permission
@@ -222,10 +219,8 @@ error2:
        kfree(description);
 error:
        return ret;
+}
-} /* end sys_request_key() */
-/*****************************************************************************/
 /*
 * get the ID of the specified process keyring
 * - the keyring must have search permission to be found
@@ -251,7 +246,6 @@ error:
 } /* end keyctl_get_keyring_ID() */
-/*****************************************************************************/
 /*
 * join the session keyring
 * - implements keyctl(KEYCTL_JOIN_SESSION_KEYRING)
@@ -277,10 +271,8 @@ long keyctl_join_session_keyring(const char __user *_name)
 error:
        return ret;
+}
-} /* end keyctl_join_session_keyring() */
-/*****************************************************************************/
 /*
 * update a key's data payload
 * - the key must be writable
@@ -326,10 +318,8 @@ error2:
        kfree(payload);
 error:
        return ret;
+}
-} /* end keyctl_update_key() */
-/*****************************************************************************/
 /*
 * revoke a key
 * - the key must be writable
@@ -358,10 +348,8 @@ long keyctl_revoke_key(key_serial_t id)
        key_ref_put(key_ref);
 error:
        return ret;
+}
-} /* end keyctl_revoke_key() */
-/*****************************************************************************/
 /*
 * clear the specified process keyring
 * - the keyring must be writable
@@ -383,10 +371,8 @@ long keyctl_keyring_clear(key_serial_t ringid)
        key_ref_put(keyring_ref);
 error:
        return ret;
+}
-} /* end keyctl_keyring_clear() */
-/*****************************************************************************/
 /*
 * link a key into a keyring
 * - the keyring must be writable
@@ -417,10 +403,8 @@ error2:
        key_ref_put(keyring_ref);
 error:
        return ret;
+}
-} /* end keyctl_keyring_link() */
-/*****************************************************************************/
 /*
 * unlink the first attachment of a key from a keyring
 * - the keyring must be writable
@@ -451,10 +435,8 @@ error2:
        key_ref_put(keyring_ref);
 error:
        return ret;
+}
-} /* end keyctl_keyring_unlink() */
-/*****************************************************************************/
 /*
 * describe a user key
 * - the key must have view permission
@@ -531,10 +513,8 @@ error2:
        key_ref_put(key_ref);
 error:
        return ret;
+}
-} /* end keyctl_describe_key() */
-/*****************************************************************************/
 /*
 * search the specified keyring for a matching key
 * - the start keyring must be searchable
@@ -626,10 +606,8 @@ error2:
        kfree(description);
 error:
        return ret;
+}
-} /* end keyctl_keyring_search() */
-/*****************************************************************************/
 /*
 * read a user key's payload
 * - the keyring must be readable or the key must be searchable from the
@@ -688,10 +666,8 @@ error2:
        key_put(key);
 error:
        return ret;
+}
-} /* end keyctl_read_key() */
-/*****************************************************************************/
 /*
 * change the ownership of a key
 * - the keyring owned by the changer
@@ -796,10 +772,8 @@ quota_overrun:
        zapowner = newowner;
        ret = -EDQUOT;
        goto error_put;
+}
-} /* end keyctl_chown_key() */
-/*****************************************************************************/
 /*
 * change the permission mask on a key
 * - the keyring owned by the changer
@@ -838,8 +812,7 @@ long keyctl_setperm_key(key_serial_t id, key_perm_t perm)
        key_put(key);
 error:
        return ret;
+}
-} /* end keyctl_setperm_key() */
 /*
 * get the destination keyring for instantiation
@@ -895,7 +868,6 @@ static int keyctl_change_reqkey_auth(struct key *key)
        return commit_creds(new);
 }
-/*****************************************************************************/
 /*
 * instantiate the key with the specified payload, and, if one is given, link
 * the key into the keyring
@@ -973,10 +945,8 @@ error2:
                vfree(payload);
 error:
        return ret;
+}
-} /* end keyctl_instantiate_key() */
-/*****************************************************************************/
 /*
 * negatively instantiate the key with the given timeout (in seconds), and, if
 * one is given, link the key into the keyring
@@ -1020,10 +990,8 @@ long keyctl_negate_key(key_serial_t id, unsigned timeout, key_serial_t ringid)
 error:
        return ret;
+}
-} /* end keyctl_negate_key() */
-/*****************************************************************************/
 /*
 * set the default keyring in which request_key() will cache keys
 * - return the old setting
@@ -1079,10 +1047,8 @@ set:
 error:
        abort_creds(new);
        return ret;
+}
-} /* end keyctl_set_reqkey_keyring() */
-/*****************************************************************************/
 /*
 * set or clear the timeout for a key
 */
@@ -1136,10 +1102,8 @@ okay:
        ret = 0;
 error:
        return ret;
+}
-} /* end keyctl_set_timeout() */
-/*****************************************************************************/
 /*
 * assume the authority to instantiate the specified key
 */
@@ -1178,8 +1142,7 @@ long keyctl_assume_authority(key_serial_t id)
        ret = authkey->serial;
 error:
        return ret;
+}
-} /* end keyctl_assume_authority() */
 /*
 * get the security label of a key
@@ -1348,7 +1311,6 @@ error_keyring:
 #endif /* !TIF_NOTIFY_RESUME */
 }
-/*****************************************************************************/
 /*
 * the key control system call
 */
@@ -1439,5 +1401,4 @@ SYSCALL_DEFINE5(keyctl, int, option, unsigned long, arg2, unsigned long, arg3,
        default:
                return -EOPNOTSUPP;
        }
+}
-} /* end sys_keyctl() */

diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index 60924f6a52db..83ec98b7e98d 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c
@@ -46,7 +46,6 @@ static int key_get_type_from_user(char *type,
46	return 0;	46	return 0;
47	}	47	}
48		48
49	/*****************************************************************************/
50	/*	49	/*
51	* extract the description of a new key from userspace and either add it as a	50	* extract the description of a new key from userspace and either add it as a
52	* new key to the specified keyring or update a matching key in that keyring	51	* new key to the specified keyring or update a matching key in that keyring
@@ -132,10 +131,8 @@ SYSCALL_DEFINE5(add_key, const char __user *, _type,
132	kfree(description);	131	kfree(description);
133	error:	132	error:
134	return ret;	133	return ret;
		134	}
135		135
136	} /* end sys_add_key() */
137
138	/*****************************************************************************/
139	/*	136	/*
140	* search the process keyrings for a matching key	137	* search the process keyrings for a matching key
141	* - nested keyrings may also be searched if they have Search permission	138	* - nested keyrings may also be searched if they have Search permission
@@ -222,10 +219,8 @@ error2:
222	kfree(description);	219	kfree(description);
223	error:	220	error:
224	return ret;	221	return ret;
		222	}
225		223
226	} /* end sys_request_key() */
227
228	/*****************************************************************************/
229	/*	224	/*
230	* get the ID of the specified process keyring	225	* get the ID of the specified process keyring
231	* - the keyring must have search permission to be found	226	* - the keyring must have search permission to be found
@@ -251,7 +246,6 @@ error:
251		246
252	} /* end keyctl_get_keyring_ID() */	247	} /* end keyctl_get_keyring_ID() */
253		248
254	/*****************************************************************************/
255	/*	249	/*
256	* join the session keyring	250	* join the session keyring
257	* - implements keyctl(KEYCTL_JOIN_SESSION_KEYRING)	251	* - implements keyctl(KEYCTL_JOIN_SESSION_KEYRING)
@@ -277,10 +271,8 @@ long keyctl_join_session_keyring(const char __user *_name)
277		271
278	error:	272	error:
279	return ret;	273	return ret;
		274	}
280		275
281	} /* end keyctl_join_session_keyring() */
282
283	/*****************************************************************************/
284	/*	276	/*
285	* update a key's data payload	277	* update a key's data payload
286	* - the key must be writable	278	* - the key must be writable
@@ -326,10 +318,8 @@ error2:
326	kfree(payload);	318	kfree(payload);
327	error:	319	error:
328	return ret;	320	return ret;
		321	}
329		322
330	} /* end keyctl_update_key() */
331
332	/*****************************************************************************/
333	/*	323	/*
334	* revoke a key	324	* revoke a key
335	* - the key must be writable	325	* - the key must be writable
@@ -358,10 +348,8 @@ long keyctl_revoke_key(key_serial_t id)
358	key_ref_put(key_ref);	348	key_ref_put(key_ref);
359	error:	349	error:
360	return ret;	350	return ret;
		351	}
361		352
362	} /* end keyctl_revoke_key() */
363
364	/*****************************************************************************/
365	/*	353	/*
366	* clear the specified process keyring	354	* clear the specified process keyring
367	* - the keyring must be writable	355	* - the keyring must be writable
@@ -383,10 +371,8 @@ long keyctl_keyring_clear(key_serial_t ringid)
383	key_ref_put(keyring_ref);	371	key_ref_put(keyring_ref);
384	error:	372	error:
385	return ret;	373	return ret;
		374	}
386		375
387	} /* end keyctl_keyring_clear() */
388
389	/*****************************************************************************/
390	/*	376	/*
391	* link a key into a keyring	377	* link a key into a keyring
392	* - the keyring must be writable	378	* - the keyring must be writable
@@ -417,10 +403,8 @@ error2:
417	key_ref_put(keyring_ref);	403	key_ref_put(keyring_ref);
418	error:	404	error:
419	return ret;	405	return ret;
		406	}
420		407
421	} /* end keyctl_keyring_link() */
422
423	/*****************************************************************************/
424	/*	408	/*
425	* unlink the first attachment of a key from a keyring	409	* unlink the first attachment of a key from a keyring
426	* - the keyring must be writable	410	* - the keyring must be writable
@@ -451,10 +435,8 @@ error2:
451	key_ref_put(keyring_ref);	435	key_ref_put(keyring_ref);
452	error:	436	error:
453	return ret;	437	return ret;
		438	}
454		439
455	} /* end keyctl_keyring_unlink() */
456
457	/*****************************************************************************/
458	/*	440	/*
459	* describe a user key	441	* describe a user key
460	* - the key must have view permission	442	* - the key must have view permission
@@ -531,10 +513,8 @@ error2:
531	key_ref_put(key_ref);	513	key_ref_put(key_ref);
532	error:	514	error:
533	return ret;	515	return ret;
		516	}
534		517
535	} /* end keyctl_describe_key() */
536
537	/*****************************************************************************/
538	/*	518	/*
539	* search the specified keyring for a matching key	519	* search the specified keyring for a matching key
540	* - the start keyring must be searchable	520	* - the start keyring must be searchable
@@ -626,10 +606,8 @@ error2:
626	kfree(description);	606	kfree(description);
627	error:	607	error:
628	return ret;	608	return ret;
		609	}
629		610
630	} /* end keyctl_keyring_search() */
631
632	/*****************************************************************************/
633	/*	611	/*
634	* read a user key's payload	612	* read a user key's payload
635	* - the keyring must be readable or the key must be searchable from the	613	* - the keyring must be readable or the key must be searchable from the
@@ -688,10 +666,8 @@ error2:
688	key_put(key);	666	key_put(key);
689	error:	667	error:
690	return ret;	668	return ret;
		669	}
691		670
692	} /* end keyctl_read_key() */
693
694	/*****************************************************************************/
695	/*	671	/*
696	* change the ownership of a key	672	* change the ownership of a key
697	* - the keyring owned by the changer	673	* - the keyring owned by the changer
@@ -796,10 +772,8 @@ quota_overrun:
796	zapowner = newowner;	772	zapowner = newowner;
797	ret = -EDQUOT;	773	ret = -EDQUOT;
798	goto error_put;	774	goto error_put;
		775	}
799		776
800	} /* end keyctl_chown_key() */
801
802	/*****************************************************************************/
803	/*	777	/*
804	* change the permission mask on a key	778	* change the permission mask on a key
805	* - the keyring owned by the changer	779	* - the keyring owned by the changer
@@ -838,8 +812,7 @@ long keyctl_setperm_key(key_serial_t id, key_perm_t perm)
838	key_put(key);	812	key_put(key);
839	error:	813	error:
840	return ret;	814	return ret;
841		815	}
842	} /* end keyctl_setperm_key() */
843		816
844	/*	817	/*
845	* get the destination keyring for instantiation	818	* get the destination keyring for instantiation
@@ -895,7 +868,6 @@ static int keyctl_change_reqkey_auth(struct key *key)
895	return commit_creds(new);	868	return commit_creds(new);
896	}	869	}
897		870
898	/*****************************************************************************/
899	/*	871	/*
900	* instantiate the key with the specified payload, and, if one is given, link	872	* instantiate the key with the specified payload, and, if one is given, link
901	* the key into the keyring	873	* the key into the keyring
@@ -973,10 +945,8 @@ error2:
973	vfree(payload);	945	vfree(payload);
974	error:	946	error:
975	return ret;	947	return ret;
		948	}
976		949
977	} /* end keyctl_instantiate_key() */
978
979	/*****************************************************************************/
980	/*	950	/*
981	* negatively instantiate the key with the given timeout (in seconds), and, if	951	* negatively instantiate the key with the given timeout (in seconds), and, if
982	* one is given, link the key into the keyring	952	* one is given, link the key into the keyring
@@ -1020,10 +990,8 @@ long keyctl_negate_key(key_serial_t id, unsigned timeout, key_serial_t ringid)
1020		990
1021	error:	991	error:
1022	return ret;	992	return ret;
		993	}
1023		994
1024	} /* end keyctl_negate_key() */
1025
1026	/*****************************************************************************/
1027	/*	995	/*
1028	* set the default keyring in which request_key() will cache keys	996	* set the default keyring in which request_key() will cache keys
1029	* - return the old setting	997	* - return the old setting
@@ -1079,10 +1047,8 @@ set:
1079	error:	1047	error:
1080	abort_creds(new);	1048	abort_creds(new);
1081	return ret;	1049	return ret;
		1050	}
1082		1051
1083	} /* end keyctl_set_reqkey_keyring() */
1084
1085	/*****************************************************************************/
1086	/*	1052	/*
1087	* set or clear the timeout for a key	1053	* set or clear the timeout for a key
1088	*/	1054	*/
@@ -1136,10 +1102,8 @@ okay:
1136	ret = 0;	1102	ret = 0;
1137	error:	1103	error:
1138	return ret;	1104	return ret;
		1105	}
1139		1106
1140	} /* end keyctl_set_timeout() */
1141
1142	/*****************************************************************************/
1143	/*	1107	/*
1144	* assume the authority to instantiate the specified key	1108	* assume the authority to instantiate the specified key
1145	*/	1109	*/
@@ -1178,8 +1142,7 @@ long keyctl_assume_authority(key_serial_t id)
1178	ret = authkey->serial;	1142	ret = authkey->serial;
1179	error:	1143	error:
1180	return ret;	1144	return ret;
1181		1145	}
1182	} /* end keyctl_assume_authority() */
1183		1146
1184	/*	1147	/*
1185	* get the security label of a key	1148	* get the security label of a key
@@ -1348,7 +1311,6 @@ error_keyring:
1348	#endif /* !TIF_NOTIFY_RESUME */	1311	#endif /* !TIF_NOTIFY_RESUME */
1349	}	1312	}
1350		1313
1351	/*****************************************************************************/
1352	/*	1314	/*
1353	* the key control system call	1315	* the key control system call
1354	*/	1316	*/
@@ -1439,5 +1401,4 @@ SYSCALL_DEFINE5(keyctl, int, option, unsigned long, arg2, unsigned long, arg3,
1439	default:	1401	default:
1440	return -EOPNOTSUPP;	1402	return -EOPNOTSUPP;
1441	}	1403	}
1442		1404	}
1443	} /* end sys_keyctl() */