1 files changed, 24 insertions, 13 deletions
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index cdd2f3f88c88..a06ffab38568 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -176,13 +176,15 @@ static void keyring_describe(const struct key *keyring, struct seq_file *m)
        else
                seq_puts(m, "[anon]");
-        rcu_read_lock();
+        if (key_is_instantiated(keyring)) {
-        klist = rcu_dereference(keyring->payload.subscriptions);
+                rcu_read_lock();
-        if (klist)
+                klist = rcu_dereference(keyring->payload.subscriptions);
-                seq_printf(m, ": %u/%u", klist->nkeys, klist->maxkeys);
+                if (klist)
-        else
+                        seq_printf(m, ": %u/%u", klist->nkeys, klist->maxkeys);
-                seq_puts(m, ": empty");
+                else
-        rcu_read_unlock();
+                        seq_puts(m, ": empty");
+                rcu_read_unlock();
+        }
 }
 /*
@@ -271,6 +273,7 @@ struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid,
 * @type: The type of key to search for.
 * @description: Parameter for @match.
 * @match: Function to rule on whether or not a key is the one required.
+ * @no_state_check: Don't check if a matching key is bad
 *
 * Search the supplied keyring tree for a key that matches the criteria given.
 * The root keyring and any linked keyrings must grant Search permission to the
@@ -303,7 +306,8 @@ key_ref_t keyring_search_aux(key_ref_t keyring_ref,
                             const struct cred *cred,
                             struct key_type *type,
                             const void *description,
-                             key_match_func_t match)
+                             key_match_func_t match,
+                             bool no_state_check)
 {
        struct {
                struct keyring_list *keylist;
@@ -345,6 +349,8 @@ key_ref_t keyring_search_aux(key_ref_t keyring_ref,
        kflags = keyring->flags;
        if (keyring->type == type && match(keyring, description)) {
                key = keyring;
+                if (no_state_check)
+                        goto found;
                /* check it isn't negative and hasn't expired or been
                 * revoked */
@@ -384,11 +390,13 @@ descend:
                        continue;
                /* skip revoked keys and expired keys */
-                if (kflags & (1 << KEY_FLAG_REVOKED))
+                if (!no_state_check) {
-                        continue;
+                        if (kflags & (1 << KEY_FLAG_REVOKED))
+                                continue;
-                if (key->expiry && now.tv_sec >= key->expiry)
+                        if (key->expiry && now.tv_sec >= key->expiry)
-                        continue;
+                                continue;
+                }
                /* keys that don't match */
                if (!match(key, description))
@@ -399,6 +407,9 @@ descend:
                                        cred, KEY_SEARCH) < 0)
                        continue;
+                if (no_state_check)
+                        goto found;
                /* we set a different error code if we pass a negative key */
                if (kflags & (1 << KEY_FLAG_NEGATIVE)) {
                        err = key->type_data.reject_error;
@@ -478,7 +489,7 @@ key_ref_t keyring_search(key_ref_t keyring,
                return ERR_PTR(-ENOKEY);
        return keyring_search_aux(keyring, current->cred,
-                                  type, description, type->match);
+                                  type, description, type->match, false);
 }
 EXPORT_SYMBOL(keyring_search);