1 files changed, 62 insertions, 31 deletions
diff --git a/security/keys/proc.c b/security/keys/proc.c
index 769f9bdfd2b3..9d01021ca0c8 100644
--- a/security/keys/proc.c
+++ b/security/keys/proc.c
@@ -91,59 +91,94 @@ __initcall(key_proc_init);
 */
 #ifdef CONFIG_KEYS_DEBUG_PROC_KEYS
-static struct rb_node *__key_serial_next(struct rb_node *n)
+static struct rb_node *key_serial_next(struct rb_node *n)
 {
+        struct user_namespace *user_ns = current_user_ns();
+        n = rb_next(n);
        while (n) {
                struct key *key = rb_entry(n, struct key, serial_node);
-                if (key->user->user_ns == current_user_ns())
+                if (key->user->user_ns == user_ns)
                        break;
                n = rb_next(n);
        }
        return n;
 }
-static struct rb_node *key_serial_next(struct rb_node *n)
+static int proc_keys_open(struct inode *inode, struct file *file)
 {
-        return __key_serial_next(rb_next(n));
+        return seq_open(file, &proc_keys_ops);
 }
-static struct rb_node *key_serial_first(struct rb_root *r)
+static struct key *find_ge_key(key_serial_t id)
 {
-        struct rb_node *n = rb_first(r);
+        struct user_namespace *user_ns = current_user_ns();
-        return __key_serial_next(n);
+        struct rb_node *n = key_serial_tree.rb_node;
-}
+        struct key *minkey = NULL;
-static int proc_keys_open(struct inode *inode, struct file *file)
+        while (n) {
-{
+                struct key *key = rb_entry(n, struct key, serial_node);
-        return seq_open(file, &proc_keys_ops);
+                if (id < key->serial) {
+                        if (!minkey || minkey->serial > key->serial)
+                                minkey = key;
+                        n = n->rb_left;
+                } else if (id > key->serial) {
+                        n = n->rb_right;
+                } else {
+                        minkey = key;
+                        break;
+                }
+                key = NULL;
+        }
+        if (!minkey)
+                return NULL;
+        for (;;) {
+                if (minkey->user->user_ns == user_ns)
+                        return minkey;
+                n = rb_next(&minkey->serial_node);
+                if (!n)
+                        return NULL;
+                minkey = rb_entry(n, struct key, serial_node);
+        }
 }
 static void *proc_keys_start(struct seq_file *p, loff_t *_pos)
+        __acquires(key_serial_lock)
 {
-        struct rb_node *_p;
+        key_serial_t pos = *_pos;
-        loff_t pos = *_pos;
+        struct key *key;
        spin_lock(&key_serial_lock);
-        _p = key_serial_first(&key_serial_tree);
+        if (*_pos > INT_MAX)
-        while (pos > 0 && _p) {
+                return NULL;
-                pos--;
+        key = find_ge_key(pos);
-                _p = key_serial_next(_p);
+        if (!key)
-        }
+                return NULL;
+        *_pos = key->serial;
-        return _p;
+        return &key->serial_node;
+}
+static inline key_serial_t key_node_serial(struct rb_node *n)
+{
+        struct key *key = rb_entry(n, struct key, serial_node);
+        return key->serial;
 }
 static void *proc_keys_next(struct seq_file *p, void *v, loff_t *_pos)
 {
-        (*_pos)++;
+        struct rb_node *n;
-        return key_serial_next((struct rb_node *) v);
+        n = key_serial_next(v);
+        if (n)
+                *_pos = key_node_serial(n);
+        return n;
 }
 static void proc_keys_stop(struct seq_file *p, void *v)
+        __releases(key_serial_lock)
 {
        spin_unlock(&key_serial_lock);
 }
@@ -174,11 +209,9 @@ static int proc_keys_show(struct seq_file *m, void *v)
        /* come up with a suitable timeout value */
        if (key->expiry == 0) {
                memcpy(xbuf, "perm", 5);
-        }
+        } else if (now.tv_sec >= key->expiry) {
-        else if (now.tv_sec >= key->expiry) {
                memcpy(xbuf, "expd", 5);
-        }
+        } else {
-        else {
                timo = key->expiry - now.tv_sec;
                if (timo < 60)
@@ -218,9 +251,7 @@ static int proc_keys_show(struct seq_file *m, void *v)
        seq_putc(m, '\n');
        rcu_read_unlock();
        return 0;
 }
 #endif /* CONFIG_KEYS_DEBUG_PROC_KEYS */
@@ -246,6 +277,7 @@ static struct rb_node *key_user_first(struct rb_root *r)
        struct rb_node *n = rb_first(r);
        return __key_user_next(n);
 }
 /*****************************************************************************/
 /*
 * implement "/proc/key-users" to provides a list of the key users
@@ -253,10 +285,10 @@ static struct rb_node *key_user_first(struct rb_root *r)
 static int proc_key_users_open(struct inode *inode, struct file *file)
 {
        return seq_open(file, &proc_key_users_ops);
 }
 static void *proc_key_users_start(struct seq_file *p, loff_t *_pos)
+        __acquires(key_user_lock)
 {
        struct rb_node *_p;
        loff_t pos = *_pos;
@@ -270,17 +302,16 @@ static void *proc_key_users_start(struct seq_file *p, loff_t *_pos)
        }
        return _p;
 }
 static void *proc_key_users_next(struct seq_file *p, void *v, loff_t *_pos)
 {
        (*_pos)++;
        return key_user_next((struct rb_node *) v);
 }
 static void proc_key_users_stop(struct seq_file *p, void *v)
+        __releases(key_user_lock)
 {
        spin_unlock(&key_user_lock);
 }

diff --git a/security/keys/proc.c b/security/keys/proc.c index 769f9bdfd2b3..9d01021ca0c8 100644 --- a/security/keys/proc.c +++ b/security/keys/proc.c
@@ -91,59 +91,94 @@ __initcall(key_proc_init);
91	*/	91	*/
92	#ifdef CONFIG_KEYS_DEBUG_PROC_KEYS	92	#ifdef CONFIG_KEYS_DEBUG_PROC_KEYS
93		93
94	static struct rb_node __key_serial_next(struct rb_node n)	94	static struct rb_node key_serial_next(struct rb_node n)
95	{	95	{
		96	struct user_namespace *user_ns = current_user_ns();
		97
		98	n = rb_next(n);
96	while (n) {	99	while (n) {
97	struct key *key = rb_entry(n, struct key, serial_node);	100	struct key *key = rb_entry(n, struct key, serial_node);
98	if (key->user->user_ns == current_user_ns())	101	if (key->user->user_ns == user_ns)
99	break;	102	break;
100	n = rb_next(n);	103	n = rb_next(n);
101	}	104	}
102	return n;	105	return n;
103	}	106	}
104		107
105	static struct rb_node key_serial_next(struct rb_node n)	108	static int proc_keys_open(struct inode inode, struct file file)
106	{	109	{
107	return __key_serial_next(rb_next(n));	110	return seq_open(file, &proc_keys_ops);
108	}	111	}
109		112
110	static struct rb_node key_serial_first(struct rb_root r)	113	static struct key *find_ge_key(key_serial_t id)
111	{	114	{
112	struct rb_node *n = rb_first(r);	115	struct user_namespace *user_ns = current_user_ns();
113	return __key_serial_next(n);	116	struct rb_node *n = key_serial_tree.rb_node;
114	}	117	struct key *minkey = NULL;
115		118
116	static int proc_keys_open(struct inode inode, struct file file)	119	while (n) {
117	{	120	struct key *key = rb_entry(n, struct key, serial_node);
118	return seq_open(file, &proc_keys_ops);	121	if (id < key->serial) {
		122	if (!minkey \|\| minkey->serial > key->serial)
		123	minkey = key;
		124	n = n->rb_left;
		125	} else if (id > key->serial) {
		126	n = n->rb_right;
		127	} else {
		128	minkey = key;
		129	break;
		130	}
		131	key = NULL;
		132	}
119		133
		134	if (!minkey)
		135	return NULL;
		136
		137	for (;;) {
		138	if (minkey->user->user_ns == user_ns)
		139	return minkey;
		140	n = rb_next(&minkey->serial_node);
		141	if (!n)
		142	return NULL;
		143	minkey = rb_entry(n, struct key, serial_node);
		144	}
120	}	145	}
121		146
122	static void proc_keys_start(struct seq_file p, loff_t *_pos)	147	static void proc_keys_start(struct seq_file p, loff_t *_pos)
		148	__acquires(key_serial_lock)
123	{	149	{
124	struct rb_node *_p;	150	key_serial_t pos = *_pos;
125	loff_t pos = *_pos;	151	struct key *key;
126		152
127	spin_lock(&key_serial_lock);	153	spin_lock(&key_serial_lock);
128		154
129	_p = key_serial_first(&key_serial_tree);	155	if (*_pos > INT_MAX)
130	while (pos > 0 && _p) {	156	return NULL;
131	pos--;	157	key = find_ge_key(pos);
132	_p = key_serial_next(_p);	158	if (!key)
133	}	159	return NULL;
134		160	*_pos = key->serial;
135	return _p;	161	return &key->serial_node;
		162	}
136		163
		164	static inline key_serial_t key_node_serial(struct rb_node *n)
		165	{
		166	struct key *key = rb_entry(n, struct key, serial_node);
		167	return key->serial;
137	}	168	}
138		169
139	static void proc_keys_next(struct seq_file p, void v, loff_t _pos)	170	static void proc_keys_next(struct seq_file p, void v, loff_t _pos)
140	{	171	{
141	(*_pos)++;	172	struct rb_node *n;
142	return key_serial_next((struct rb_node *) v);
143		173
		174	n = key_serial_next(v);
		175	if (n)
		176	*_pos = key_node_serial(n);
		177	return n;
144	}	178	}
145		179
146	static void proc_keys_stop(struct seq_file p, void v)	180	static void proc_keys_stop(struct seq_file p, void v)
		181	__releases(key_serial_lock)
147	{	182	{
148	spin_unlock(&key_serial_lock);	183	spin_unlock(&key_serial_lock);
149	}	184	}
@@ -174,11 +209,9 @@ static int proc_keys_show(struct seq_file m, void v)
174	/* come up with a suitable timeout value */	209	/* come up with a suitable timeout value */
175	if (key->expiry == 0) {	210	if (key->expiry == 0) {
176	memcpy(xbuf, "perm", 5);	211	memcpy(xbuf, "perm", 5);
177	}	212	} else if (now.tv_sec >= key->expiry) {
178	else if (now.tv_sec >= key->expiry) {
179	memcpy(xbuf, "expd", 5);	213	memcpy(xbuf, "expd", 5);
180	}	214	} else {
181	else {
182	timo = key->expiry - now.tv_sec;	215	timo = key->expiry - now.tv_sec;
183		216
184	if (timo < 60)	217	if (timo < 60)
@@ -218,9 +251,7 @@ static int proc_keys_show(struct seq_file m, void v)
218	seq_putc(m, '\n');	251	seq_putc(m, '\n');
219		252
220	rcu_read_unlock();	253	rcu_read_unlock();
221
222	return 0;	254	return 0;
223
224	}	255	}
225		256
226	#endif /* CONFIG_KEYS_DEBUG_PROC_KEYS */	257	#endif /* CONFIG_KEYS_DEBUG_PROC_KEYS */
@@ -246,6 +277,7 @@ static struct rb_node key_user_first(struct rb_root r)
246	struct rb_node *n = rb_first(r);	277	struct rb_node *n = rb_first(r);
247	return __key_user_next(n);	278	return __key_user_next(n);
248	}	279	}
		280
249	/*****************************************************************************/	281	/*****************************************************************************/
250	/*	282	/*
251	* implement "/proc/key-users" to provides a list of the key users	283	* implement "/proc/key-users" to provides a list of the key users
@@ -253,10 +285,10 @@ static struct rb_node key_user_first(struct rb_root r)
253	static int proc_key_users_open(struct inode inode, struct file file)	285	static int proc_key_users_open(struct inode inode, struct file file)
254	{	286	{
255	return seq_open(file, &proc_key_users_ops);	287	return seq_open(file, &proc_key_users_ops);
256
257	}	288	}
258		289
259	static void proc_key_users_start(struct seq_file p, loff_t *_pos)	290	static void proc_key_users_start(struct seq_file p, loff_t *_pos)
		291	__acquires(key_user_lock)
260	{	292	{
261	struct rb_node *_p;	293	struct rb_node *_p;
262	loff_t pos = *_pos;	294	loff_t pos = *_pos;
@@ -270,17 +302,16 @@ static void proc_key_users_start(struct seq_file p, loff_t *_pos)
270	}	302	}
271		303
272	return _p;	304	return _p;
273
274	}	305	}
275		306
276	static void proc_key_users_next(struct seq_file p, void v, loff_t _pos)	307	static void proc_key_users_next(struct seq_file p, void v, loff_t _pos)
277	{	308	{
278	(*_pos)++;	309	(*_pos)++;
279	return key_user_next((struct rb_node *) v);	310	return key_user_next((struct rb_node *) v);
280
281	}	311	}
282		312
283	static void proc_key_users_stop(struct seq_file p, void v)	313	static void proc_key_users_stop(struct seq_file p, void v)
		314	__releases(key_user_lock)
284	{	315	{
285	spin_unlock(&key_user_lock);	316	spin_unlock(&key_user_lock);
286	}	317	}