1 files changed, 14 insertions, 4 deletions

diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index 305ecb76519c..5d34b4e827d6 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -46,6 +46,9 @@ static int key_get_type_from_user(char *type,
  * Extract the description of a new key from userspace and either add it as a
  * new key to the specified keyring or update a matching key in that keyring.
  *
+ * If the description is NULL or an empty string, the key type is asked to
+ * generate one from the payload.
+ *
  * The keyring must be writable so that we can attach the key to it.
  *
  * If successful, the new key's serial number is returned, otherwise an error
@@ -72,10 +75,17 @@ SYSCALL_DEFINE5(add_key, const char __user *, _type,
         if (ret < 0)
                 goto error;
 
-        description = strndup_user(_description, PAGE_SIZE);
-        if (IS_ERR(description)) {
-                ret = PTR_ERR(description);
-                goto error;
+        description = NULL;
+        if (_description) {
+                description = strndup_user(_description, PAGE_SIZE);
+                if (IS_ERR(description)) {
+                        ret = PTR_ERR(description);
+                        goto error;
+                }
+                if (!*description) {
+                        kfree(description);
+                        description = NULL;
+                }
         }
 
         /* pull the payload in if one was supplied */