aboutsummaryrefslogtreecommitdiffstats
path: root/security/keys/keyctl.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/keys/keyctl.c')
-rw-r--r--security/keys/keyctl.c210
1 files changed, 137 insertions, 73 deletions
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index acc9c89e40a8..7c72baa02f2e 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -103,7 +103,7 @@ asmlinkage long sys_add_key(const char __user *_type,
103 } 103 }
104 104
105 /* find the target keyring (which must be writable) */ 105 /* find the target keyring (which must be writable) */
106 keyring_ref = lookup_user_key(NULL, ringid, 1, 0, KEY_WRITE); 106 keyring_ref = lookup_user_key(ringid, 1, 0, KEY_WRITE);
107 if (IS_ERR(keyring_ref)) { 107 if (IS_ERR(keyring_ref)) {
108 ret = PTR_ERR(keyring_ref); 108 ret = PTR_ERR(keyring_ref);
109 goto error3; 109 goto error3;
@@ -185,7 +185,7 @@ asmlinkage long sys_request_key(const char __user *_type,
185 /* get the destination keyring if specified */ 185 /* get the destination keyring if specified */
186 dest_ref = NULL; 186 dest_ref = NULL;
187 if (destringid) { 187 if (destringid) {
188 dest_ref = lookup_user_key(NULL, destringid, 1, 0, KEY_WRITE); 188 dest_ref = lookup_user_key(destringid, 1, 0, KEY_WRITE);
189 if (IS_ERR(dest_ref)) { 189 if (IS_ERR(dest_ref)) {
190 ret = PTR_ERR(dest_ref); 190 ret = PTR_ERR(dest_ref);
191 goto error3; 191 goto error3;
@@ -235,7 +235,7 @@ long keyctl_get_keyring_ID(key_serial_t id, int create)
235 key_ref_t key_ref; 235 key_ref_t key_ref;
236 long ret; 236 long ret;
237 237
238 key_ref = lookup_user_key(NULL, id, create, 0, KEY_SEARCH); 238 key_ref = lookup_user_key(id, create, 0, KEY_SEARCH);
239 if (IS_ERR(key_ref)) { 239 if (IS_ERR(key_ref)) {
240 ret = PTR_ERR(key_ref); 240 ret = PTR_ERR(key_ref);
241 goto error; 241 goto error;
@@ -308,7 +308,7 @@ long keyctl_update_key(key_serial_t id,
308 } 308 }
309 309
310 /* find the target key (which must be writable) */ 310 /* find the target key (which must be writable) */
311 key_ref = lookup_user_key(NULL, id, 0, 0, KEY_WRITE); 311 key_ref = lookup_user_key(id, 0, 0, KEY_WRITE);
312 if (IS_ERR(key_ref)) { 312 if (IS_ERR(key_ref)) {
313 ret = PTR_ERR(key_ref); 313 ret = PTR_ERR(key_ref);
314 goto error2; 314 goto error2;
@@ -336,7 +336,7 @@ long keyctl_revoke_key(key_serial_t id)
336 key_ref_t key_ref; 336 key_ref_t key_ref;
337 long ret; 337 long ret;
338 338
339 key_ref = lookup_user_key(NULL, id, 0, 0, KEY_WRITE); 339 key_ref = lookup_user_key(id, 0, 0, KEY_WRITE);
340 if (IS_ERR(key_ref)) { 340 if (IS_ERR(key_ref)) {
341 ret = PTR_ERR(key_ref); 341 ret = PTR_ERR(key_ref);
342 goto error; 342 goto error;
@@ -362,7 +362,7 @@ long keyctl_keyring_clear(key_serial_t ringid)
362 key_ref_t keyring_ref; 362 key_ref_t keyring_ref;
363 long ret; 363 long ret;
364 364
365 keyring_ref = lookup_user_key(NULL, ringid, 1, 0, KEY_WRITE); 365 keyring_ref = lookup_user_key(ringid, 1, 0, KEY_WRITE);
366 if (IS_ERR(keyring_ref)) { 366 if (IS_ERR(keyring_ref)) {
367 ret = PTR_ERR(keyring_ref); 367 ret = PTR_ERR(keyring_ref);
368 goto error; 368 goto error;
@@ -388,13 +388,13 @@ long keyctl_keyring_link(key_serial_t id, key_serial_t ringid)
388 key_ref_t keyring_ref, key_ref; 388 key_ref_t keyring_ref, key_ref;
389 long ret; 389 long ret;
390 390
391 keyring_ref = lookup_user_key(NULL, ringid, 1, 0, KEY_WRITE); 391 keyring_ref = lookup_user_key(ringid, 1, 0, KEY_WRITE);
392 if (IS_ERR(keyring_ref)) { 392 if (IS_ERR(keyring_ref)) {
393 ret = PTR_ERR(keyring_ref); 393 ret = PTR_ERR(keyring_ref);
394 goto error; 394 goto error;
395 } 395 }
396 396
397 key_ref = lookup_user_key(NULL, id, 1, 0, KEY_LINK); 397 key_ref = lookup_user_key(id, 1, 0, KEY_LINK);
398 if (IS_ERR(key_ref)) { 398 if (IS_ERR(key_ref)) {
399 ret = PTR_ERR(key_ref); 399 ret = PTR_ERR(key_ref);
400 goto error2; 400 goto error2;
@@ -422,13 +422,13 @@ long keyctl_keyring_unlink(key_serial_t id, key_serial_t ringid)
422 key_ref_t keyring_ref, key_ref; 422 key_ref_t keyring_ref, key_ref;
423 long ret; 423 long ret;
424 424
425 keyring_ref = lookup_user_key(NULL, ringid, 0, 0, KEY_WRITE); 425 keyring_ref = lookup_user_key(ringid, 0, 0, KEY_WRITE);
426 if (IS_ERR(keyring_ref)) { 426 if (IS_ERR(keyring_ref)) {
427 ret = PTR_ERR(keyring_ref); 427 ret = PTR_ERR(keyring_ref);
428 goto error; 428 goto error;
429 } 429 }
430 430
431 key_ref = lookup_user_key(NULL, id, 0, 0, 0); 431 key_ref = lookup_user_key(id, 0, 0, 0);
432 if (IS_ERR(key_ref)) { 432 if (IS_ERR(key_ref)) {
433 ret = PTR_ERR(key_ref); 433 ret = PTR_ERR(key_ref);
434 goto error2; 434 goto error2;
@@ -464,7 +464,7 @@ long keyctl_describe_key(key_serial_t keyid,
464 char *tmpbuf; 464 char *tmpbuf;
465 long ret; 465 long ret;
466 466
467 key_ref = lookup_user_key(NULL, keyid, 0, 1, KEY_VIEW); 467 key_ref = lookup_user_key(keyid, 0, 1, KEY_VIEW);
468 if (IS_ERR(key_ref)) { 468 if (IS_ERR(key_ref)) {
469 /* viewing a key under construction is permitted if we have the 469 /* viewing a key under construction is permitted if we have the
470 * authorisation token handy */ 470 * authorisation token handy */
@@ -472,7 +472,7 @@ long keyctl_describe_key(key_serial_t keyid,
472 instkey = key_get_instantiation_authkey(keyid); 472 instkey = key_get_instantiation_authkey(keyid);
473 if (!IS_ERR(instkey)) { 473 if (!IS_ERR(instkey)) {
474 key_put(instkey); 474 key_put(instkey);
475 key_ref = lookup_user_key(NULL, keyid, 475 key_ref = lookup_user_key(keyid,
476 0, 1, 0); 476 0, 1, 0);
477 if (!IS_ERR(key_ref)) 477 if (!IS_ERR(key_ref))
478 goto okay; 478 goto okay;
@@ -557,7 +557,7 @@ long keyctl_keyring_search(key_serial_t ringid,
557 } 557 }
558 558
559 /* get the keyring at which to begin the search */ 559 /* get the keyring at which to begin the search */
560 keyring_ref = lookup_user_key(NULL, ringid, 0, 0, KEY_SEARCH); 560 keyring_ref = lookup_user_key(ringid, 0, 0, KEY_SEARCH);
561 if (IS_ERR(keyring_ref)) { 561 if (IS_ERR(keyring_ref)) {
562 ret = PTR_ERR(keyring_ref); 562 ret = PTR_ERR(keyring_ref);
563 goto error2; 563 goto error2;
@@ -566,7 +566,7 @@ long keyctl_keyring_search(key_serial_t ringid,
566 /* get the destination keyring if specified */ 566 /* get the destination keyring if specified */
567 dest_ref = NULL; 567 dest_ref = NULL;
568 if (destringid) { 568 if (destringid) {
569 dest_ref = lookup_user_key(NULL, destringid, 1, 0, KEY_WRITE); 569 dest_ref = lookup_user_key(destringid, 1, 0, KEY_WRITE);
570 if (IS_ERR(dest_ref)) { 570 if (IS_ERR(dest_ref)) {
571 ret = PTR_ERR(dest_ref); 571 ret = PTR_ERR(dest_ref);
572 goto error3; 572 goto error3;
@@ -636,7 +636,7 @@ long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen)
636 long ret; 636 long ret;
637 637
638 /* find the key first */ 638 /* find the key first */
639 key_ref = lookup_user_key(NULL, keyid, 0, 0, 0); 639 key_ref = lookup_user_key(keyid, 0, 0, 0);
640 if (IS_ERR(key_ref)) { 640 if (IS_ERR(key_ref)) {
641 ret = -ENOKEY; 641 ret = -ENOKEY;
642 goto error; 642 goto error;
@@ -699,7 +699,7 @@ long keyctl_chown_key(key_serial_t id, uid_t uid, gid_t gid)
699 if (uid == (uid_t) -1 && gid == (gid_t) -1) 699 if (uid == (uid_t) -1 && gid == (gid_t) -1)
700 goto error; 700 goto error;
701 701
702 key_ref = lookup_user_key(NULL, id, 1, 1, KEY_SETATTR); 702 key_ref = lookup_user_key(id, 1, 1, KEY_SETATTR);
703 if (IS_ERR(key_ref)) { 703 if (IS_ERR(key_ref)) {
704 ret = PTR_ERR(key_ref); 704 ret = PTR_ERR(key_ref);
705 goto error; 705 goto error;
@@ -804,7 +804,7 @@ long keyctl_setperm_key(key_serial_t id, key_perm_t perm)
804 if (perm & ~(KEY_POS_ALL | KEY_USR_ALL | KEY_GRP_ALL | KEY_OTH_ALL)) 804 if (perm & ~(KEY_POS_ALL | KEY_USR_ALL | KEY_GRP_ALL | KEY_OTH_ALL))
805 goto error; 805 goto error;
806 806
807 key_ref = lookup_user_key(NULL, id, 1, 1, KEY_SETATTR); 807 key_ref = lookup_user_key(id, 1, 1, KEY_SETATTR);
808 if (IS_ERR(key_ref)) { 808 if (IS_ERR(key_ref)) {
809 ret = PTR_ERR(key_ref); 809 ret = PTR_ERR(key_ref);
810 goto error; 810 goto error;
@@ -817,7 +817,7 @@ long keyctl_setperm_key(key_serial_t id, key_perm_t perm)
817 down_write(&key->sem); 817 down_write(&key->sem);
818 818
819 /* if we're not the sysadmin, we can only change a key that we own */ 819 /* if we're not the sysadmin, we can only change a key that we own */
820 if (capable(CAP_SYS_ADMIN) || key->uid == current->fsuid) { 820 if (capable(CAP_SYS_ADMIN) || key->uid == current_fsuid()) {
821 key->perm = perm; 821 key->perm = perm;
822 ret = 0; 822 ret = 0;
823 } 823 }
@@ -829,6 +829,60 @@ error:
829 829
830} /* end keyctl_setperm_key() */ 830} /* end keyctl_setperm_key() */
831 831
832/*
833 * get the destination keyring for instantiation
834 */
835static long get_instantiation_keyring(key_serial_t ringid,
836 struct request_key_auth *rka,
837 struct key **_dest_keyring)
838{
839 key_ref_t dkref;
840
841 /* just return a NULL pointer if we weren't asked to make a link */
842 if (ringid == 0) {
843 *_dest_keyring = NULL;
844 return 0;
845 }
846
847 /* if a specific keyring is nominated by ID, then use that */
848 if (ringid > 0) {
849 dkref = lookup_user_key(ringid, 1, 0, KEY_WRITE);
850 if (IS_ERR(dkref))
851 return PTR_ERR(dkref);
852 *_dest_keyring = key_ref_to_ptr(dkref);
853 return 0;
854 }
855
856 if (ringid == KEY_SPEC_REQKEY_AUTH_KEY)
857 return -EINVAL;
858
859 /* otherwise specify the destination keyring recorded in the
860 * authorisation key (any KEY_SPEC_*_KEYRING) */
861 if (ringid >= KEY_SPEC_REQUESTOR_KEYRING) {
862 *_dest_keyring = rka->dest_keyring;
863 return 0;
864 }
865
866 return -ENOKEY;
867}
868
869/*
870 * change the request_key authorisation key on the current process
871 */
872static int keyctl_change_reqkey_auth(struct key *key)
873{
874 struct cred *new;
875
876 new = prepare_creds();
877 if (!new)
878 return -ENOMEM;
879
880 key_put(new->request_key_auth);
881 new->request_key_auth = key_get(key);
882
883 return commit_creds(new);
884}
885
832/*****************************************************************************/ 886/*****************************************************************************/
833/* 887/*
834 * instantiate the key with the specified payload, and, if one is given, link 888 * instantiate the key with the specified payload, and, if one is given, link
@@ -839,13 +893,15 @@ long keyctl_instantiate_key(key_serial_t id,
839 size_t plen, 893 size_t plen,
840 key_serial_t ringid) 894 key_serial_t ringid)
841{ 895{
896 const struct cred *cred = current_cred();
842 struct request_key_auth *rka; 897 struct request_key_auth *rka;
843 struct key *instkey; 898 struct key *instkey, *dest_keyring;
844 key_ref_t keyring_ref;
845 void *payload; 899 void *payload;
846 long ret; 900 long ret;
847 bool vm = false; 901 bool vm = false;
848 902
903 kenter("%d,,%zu,%d", id, plen, ringid);
904
849 ret = -EINVAL; 905 ret = -EINVAL;
850 if (plen > 1024 * 1024 - 1) 906 if (plen > 1024 * 1024 - 1)
851 goto error; 907 goto error;
@@ -853,7 +909,7 @@ long keyctl_instantiate_key(key_serial_t id,
853 /* the appropriate instantiation authorisation key must have been 909 /* the appropriate instantiation authorisation key must have been
854 * assumed before calling this */ 910 * assumed before calling this */
855 ret = -EPERM; 911 ret = -EPERM;
856 instkey = current->request_key_auth; 912 instkey = cred->request_key_auth;
857 if (!instkey) 913 if (!instkey)
858 goto error; 914 goto error;
859 915
@@ -883,28 +939,20 @@ long keyctl_instantiate_key(key_serial_t id,
883 939
884 /* find the destination keyring amongst those belonging to the 940 /* find the destination keyring amongst those belonging to the
885 * requesting task */ 941 * requesting task */
886 keyring_ref = NULL; 942 ret = get_instantiation_keyring(ringid, rka, &dest_keyring);
887 if (ringid) { 943 if (ret < 0)
888 keyring_ref = lookup_user_key(rka->context, ringid, 1, 0, 944 goto error2;
889 KEY_WRITE);
890 if (IS_ERR(keyring_ref)) {
891 ret = PTR_ERR(keyring_ref);
892 goto error2;
893 }
894 }
895 945
896 /* instantiate the key and link it into a keyring */ 946 /* instantiate the key and link it into a keyring */
897 ret = key_instantiate_and_link(rka->target_key, payload, plen, 947 ret = key_instantiate_and_link(rka->target_key, payload, plen,
898 key_ref_to_ptr(keyring_ref), instkey); 948 dest_keyring, instkey);
899 949
900 key_ref_put(keyring_ref); 950 key_put(dest_keyring);
901 951
902 /* discard the assumed authority if it's just been disabled by 952 /* discard the assumed authority if it's just been disabled by
903 * instantiation of the key */ 953 * instantiation of the key */
904 if (ret == 0) { 954 if (ret == 0)
905 key_put(current->request_key_auth); 955 keyctl_change_reqkey_auth(NULL);
906 current->request_key_auth = NULL;
907 }
908 956
909error2: 957error2:
910 if (!vm) 958 if (!vm)
@@ -923,15 +971,17 @@ error:
923 */ 971 */
924long keyctl_negate_key(key_serial_t id, unsigned timeout, key_serial_t ringid) 972long keyctl_negate_key(key_serial_t id, unsigned timeout, key_serial_t ringid)
925{ 973{
974 const struct cred *cred = current_cred();
926 struct request_key_auth *rka; 975 struct request_key_auth *rka;
927 struct key *instkey; 976 struct key *instkey, *dest_keyring;
928 key_ref_t keyring_ref;
929 long ret; 977 long ret;
930 978
979 kenter("%d,%u,%d", id, timeout, ringid);
980
931 /* the appropriate instantiation authorisation key must have been 981 /* the appropriate instantiation authorisation key must have been
932 * assumed before calling this */ 982 * assumed before calling this */
933 ret = -EPERM; 983 ret = -EPERM;
934 instkey = current->request_key_auth; 984 instkey = cred->request_key_auth;
935 if (!instkey) 985 if (!instkey)
936 goto error; 986 goto error;
937 987
@@ -941,27 +991,20 @@ long keyctl_negate_key(key_serial_t id, unsigned timeout, key_serial_t ringid)
941 991
942 /* find the destination keyring if present (which must also be 992 /* find the destination keyring if present (which must also be
943 * writable) */ 993 * writable) */
944 keyring_ref = NULL; 994 ret = get_instantiation_keyring(ringid, rka, &dest_keyring);
945 if (ringid) { 995 if (ret < 0)
946 keyring_ref = lookup_user_key(NULL, ringid, 1, 0, KEY_WRITE); 996 goto error;
947 if (IS_ERR(keyring_ref)) {
948 ret = PTR_ERR(keyring_ref);
949 goto error;
950 }
951 }
952 997
953 /* instantiate the key and link it into a keyring */ 998 /* instantiate the key and link it into a keyring */
954 ret = key_negate_and_link(rka->target_key, timeout, 999 ret = key_negate_and_link(rka->target_key, timeout,
955 key_ref_to_ptr(keyring_ref), instkey); 1000 dest_keyring, instkey);
956 1001
957 key_ref_put(keyring_ref); 1002 key_put(dest_keyring);
958 1003
959 /* discard the assumed authority if it's just been disabled by 1004 /* discard the assumed authority if it's just been disabled by
960 * instantiation of the key */ 1005 * instantiation of the key */
961 if (ret == 0) { 1006 if (ret == 0)
962 key_put(current->request_key_auth); 1007 keyctl_change_reqkey_auth(NULL);
963 current->request_key_auth = NULL;
964 }
965 1008
966error: 1009error:
967 return ret; 1010 return ret;
@@ -975,35 +1018,56 @@ error:
975 */ 1018 */
976long keyctl_set_reqkey_keyring(int reqkey_defl) 1019long keyctl_set_reqkey_keyring(int reqkey_defl)
977{ 1020{
978 int ret; 1021 struct cred *new;
1022 int ret, old_setting;
1023
1024 old_setting = current_cred_xxx(jit_keyring);
1025
1026 if (reqkey_defl == KEY_REQKEY_DEFL_NO_CHANGE)
1027 return old_setting;
1028
1029 new = prepare_creds();
1030 if (!new)
1031 return -ENOMEM;
979 1032
980 switch (reqkey_defl) { 1033 switch (reqkey_defl) {
981 case KEY_REQKEY_DEFL_THREAD_KEYRING: 1034 case KEY_REQKEY_DEFL_THREAD_KEYRING:
982 ret = install_thread_keyring(current); 1035 ret = install_thread_keyring_to_cred(new);
983 if (ret < 0) 1036 if (ret < 0)
984 return ret; 1037 goto error;
985 goto set; 1038 goto set;
986 1039
987 case KEY_REQKEY_DEFL_PROCESS_KEYRING: 1040 case KEY_REQKEY_DEFL_PROCESS_KEYRING:
988 ret = install_process_keyring(current); 1041 ret = install_process_keyring_to_cred(new);
989 if (ret < 0) 1042 if (ret < 0) {
990 return ret; 1043 if (ret != -EEXIST)
1044 goto error;
1045 ret = 0;
1046 }
1047 goto set;
991 1048
992 case KEY_REQKEY_DEFL_DEFAULT: 1049 case KEY_REQKEY_DEFL_DEFAULT:
993 case KEY_REQKEY_DEFL_SESSION_KEYRING: 1050 case KEY_REQKEY_DEFL_SESSION_KEYRING:
994 case KEY_REQKEY_DEFL_USER_KEYRING: 1051 case KEY_REQKEY_DEFL_USER_KEYRING:
995 case KEY_REQKEY_DEFL_USER_SESSION_KEYRING: 1052 case KEY_REQKEY_DEFL_USER_SESSION_KEYRING:
996 set: 1053 case KEY_REQKEY_DEFL_REQUESTOR_KEYRING:
997 current->jit_keyring = reqkey_defl; 1054 goto set;
998 1055
999 case KEY_REQKEY_DEFL_NO_CHANGE: 1056 case KEY_REQKEY_DEFL_NO_CHANGE:
1000 return current->jit_keyring;
1001
1002 case KEY_REQKEY_DEFL_GROUP_KEYRING: 1057 case KEY_REQKEY_DEFL_GROUP_KEYRING:
1003 default: 1058 default:
1004 return -EINVAL; 1059 ret = -EINVAL;
1060 goto error;
1005 } 1061 }
1006 1062
1063set:
1064 new->jit_keyring = reqkey_defl;
1065 commit_creds(new);
1066 return old_setting;
1067error:
1068 abort_creds(new);
1069 return -EINVAL;
1070
1007} /* end keyctl_set_reqkey_keyring() */ 1071} /* end keyctl_set_reqkey_keyring() */
1008 1072
1009/*****************************************************************************/ 1073/*****************************************************************************/
@@ -1018,7 +1082,7 @@ long keyctl_set_timeout(key_serial_t id, unsigned timeout)
1018 time_t expiry; 1082 time_t expiry;
1019 long ret; 1083 long ret;
1020 1084
1021 key_ref = lookup_user_key(NULL, id, 1, 1, KEY_SETATTR); 1085 key_ref = lookup_user_key(id, 1, 1, KEY_SETATTR);
1022 if (IS_ERR(key_ref)) { 1086 if (IS_ERR(key_ref)) {
1023 ret = PTR_ERR(key_ref); 1087 ret = PTR_ERR(key_ref);
1024 goto error; 1088 goto error;
@@ -1062,9 +1126,7 @@ long keyctl_assume_authority(key_serial_t id)
1062 1126
1063 /* we divest ourselves of authority if given an ID of 0 */ 1127 /* we divest ourselves of authority if given an ID of 0 */
1064 if (id == 0) { 1128 if (id == 0) {
1065 key_put(current->request_key_auth); 1129 ret = keyctl_change_reqkey_auth(NULL);
1066 current->request_key_auth = NULL;
1067 ret = 0;
1068 goto error; 1130 goto error;
1069 } 1131 }
1070 1132
@@ -1079,10 +1141,12 @@ long keyctl_assume_authority(key_serial_t id)
1079 goto error; 1141 goto error;
1080 } 1142 }
1081 1143
1082 key_put(current->request_key_auth); 1144 ret = keyctl_change_reqkey_auth(authkey);
1083 current->request_key_auth = authkey; 1145 if (ret < 0)
1084 ret = authkey->serial; 1146 goto error;
1147 key_put(authkey);
1085 1148
1149 ret = authkey->serial;
1086error: 1150error:
1087 return ret; 1151 return ret;
1088 1152
@@ -1105,7 +1169,7 @@ long keyctl_get_security(key_serial_t keyid,
1105 char *context; 1169 char *context;
1106 long ret; 1170 long ret;
1107 1171
1108 key_ref = lookup_user_key(NULL, keyid, 0, 1, KEY_VIEW); 1172 key_ref = lookup_user_key(keyid, 0, 1, KEY_VIEW);
1109 if (IS_ERR(key_ref)) { 1173 if (IS_ERR(key_ref)) {
1110 if (PTR_ERR(key_ref) != -EACCES) 1174 if (PTR_ERR(key_ref) != -EACCES)
1111 return PTR_ERR(key_ref); 1175 return PTR_ERR(key_ref);
@@ -1117,7 +1181,7 @@ long keyctl_get_security(key_serial_t keyid,
1117 return PTR_ERR(key_ref); 1181 return PTR_ERR(key_ref);
1118 key_put(instkey); 1182 key_put(instkey);
1119 1183
1120 key_ref = lookup_user_key(NULL, keyid, 0, 1, 0); 1184 key_ref = lookup_user_key(keyid, 0, 1, 0);
1121 if (IS_ERR(key_ref)) 1185 if (IS_ERR(key_ref))
1122 return PTR_ERR(key_ref); 1186 return PTR_ERR(key_ref);
1123 } 1187 }