1 files changed, 20 insertions, 21 deletions
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index f6940618e345..217a0bef3c82 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -168,11 +168,12 @@ error:
 */
 int install_process_keyring(struct task_struct *tsk)
 {
-        unsigned long flags;
        struct key *keyring;
        char buf[20];
        int ret;
+        might_sleep();
        if (!tsk->signal->process_keyring) {
                sprintf(buf, "_pid.%u", tsk->tgid);
@@ -183,12 +184,12 @@ int install_process_keyring(struct task_struct *tsk)
                }
                /* attach keyring */
-                spin_lock_irqsave(&tsk->sighand->siglock, flags);
+                spin_lock_irq(&tsk->sighand->siglock);
                if (!tsk->signal->process_keyring) {
                        tsk->signal->process_keyring = keyring;
                        keyring = NULL;
                }
-                spin_unlock_irqrestore(&tsk->sighand->siglock, flags);
+                spin_unlock_irq(&tsk->sighand->siglock);
                key_put(keyring);
        }
@@ -207,38 +208,37 @@ error:
 static int install_session_keyring(struct task_struct *tsk,
                                   struct key *keyring)
 {
-        unsigned long flags;
        struct key *old;
        char buf[20];
-        int ret;
+        might_sleep();
        /* create an empty session keyring */
        if (!keyring) {
                sprintf(buf, "_ses.%u", tsk->tgid);
                keyring = keyring_alloc(buf, tsk->uid, tsk->gid, 1, NULL);
-                if (IS_ERR(keyring)) {
+                if (IS_ERR(keyring))
-                        ret = PTR_ERR(keyring);
+                        return PTR_ERR(keyring);
-                        goto error;
-                }
        }
        else {
                atomic_inc(&keyring->usage);
        }
        /* install the keyring */
-        spin_lock_irqsave(&tsk->sighand->siglock, flags);
+        spin_lock_irq(&tsk->sighand->siglock);
-        old = rcu_dereference(tsk->signal->session_keyring);
+        old = tsk->signal->session_keyring;
        rcu_assign_pointer(tsk->signal->session_keyring, keyring);
-        spin_unlock_irqrestore(&tsk->sighand->siglock, flags);
+        spin_unlock_irq(&tsk->sighand->siglock);
-        ret = 0;
+        /* we're using RCU on the pointer, but there's no point synchronising
+         * on it if it didn't previously point to anything */
+        if (old) {
+                synchronize_rcu();
+                key_put(old);
+        }
-        /* we're using RCU on the pointer */
+        return 0;
-        synchronize_rcu();
-        key_put(old);
-error:
-        return ret;
 } /* end install_session_keyring() */
@@ -311,7 +311,6 @@ void exit_keys(struct task_struct *tsk)
 */
 int exec_keys(struct task_struct *tsk)
 {
-        unsigned long flags;
        struct key *old;
        /* newly exec'd tasks don't get a thread keyring */
@@ -323,10 +322,10 @@ int exec_keys(struct task_struct *tsk)
        key_put(old);
        /* discard the process keyring from a newly exec'd task */
-        spin_lock_irqsave(&tsk->sighand->siglock, flags);
+        spin_lock_irq(&tsk->sighand->siglock);
        old = tsk->signal->process_keyring;
        tsk->signal->process_keyring = NULL;
-        spin_unlock_irqrestore(&tsk->sighand->siglock, flags);
+        spin_unlock_irq(&tsk->sighand->siglock);
        key_put(old);

diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c index f6940618e345..217a0bef3c82 100644 --- a/security/keys/process_keys.c +++ b/security/keys/process_keys.c
@@ -168,11 +168,12 @@ error:
168	*/	168	*/
169	int install_process_keyring(struct task_struct *tsk)	169	int install_process_keyring(struct task_struct *tsk)
170	{	170	{
171	unsigned long flags;
172	struct key *keyring;	171	struct key *keyring;
173	char buf[20];	172	char buf[20];
174	int ret;	173	int ret;
175		174
		175	might_sleep();
		176
176	if (!tsk->signal->process_keyring) {	177	if (!tsk->signal->process_keyring) {
177	sprintf(buf, "_pid.%u", tsk->tgid);	178	sprintf(buf, "_pid.%u", tsk->tgid);
178		179
@@ -183,12 +184,12 @@ int install_process_keyring(struct task_struct *tsk)
183	}	184	}
184		185
185	/* attach keyring */	186	/* attach keyring */
186	spin_lock_irqsave(&tsk->sighand->siglock, flags);	187	spin_lock_irq(&tsk->sighand->siglock);
187	if (!tsk->signal->process_keyring) {	188	if (!tsk->signal->process_keyring) {
188	tsk->signal->process_keyring = keyring;	189	tsk->signal->process_keyring = keyring;
189	keyring = NULL;	190	keyring = NULL;
190	}	191	}
191	spin_unlock_irqrestore(&tsk->sighand->siglock, flags);	192	spin_unlock_irq(&tsk->sighand->siglock);
192		193
193	key_put(keyring);	194	key_put(keyring);
194	}	195	}
@@ -207,38 +208,37 @@ error:
207	static int install_session_keyring(struct task_struct *tsk,	208	static int install_session_keyring(struct task_struct *tsk,
208	struct key *keyring)	209	struct key *keyring)
209	{	210	{
210	unsigned long flags;
211	struct key *old;	211	struct key *old;
212	char buf[20];	212	char buf[20];
213	int ret;	213
		214	might_sleep();
214		215
215	/* create an empty session keyring */	216	/* create an empty session keyring */
216	if (!keyring) {	217	if (!keyring) {
217	sprintf(buf, "_ses.%u", tsk->tgid);	218	sprintf(buf, "_ses.%u", tsk->tgid);
218		219
219	keyring = keyring_alloc(buf, tsk->uid, tsk->gid, 1, NULL);	220	keyring = keyring_alloc(buf, tsk->uid, tsk->gid, 1, NULL);
220	if (IS_ERR(keyring)) {	221	if (IS_ERR(keyring))
221	ret = PTR_ERR(keyring);	222	return PTR_ERR(keyring);
222	goto error;
223	}
224	}	223	}
225	else {	224	else {
226	atomic_inc(&keyring->usage);	225	atomic_inc(&keyring->usage);
227	}	226	}
228		227
229	/* install the keyring */	228	/* install the keyring */
230	spin_lock_irqsave(&tsk->sighand->siglock, flags);	229	spin_lock_irq(&tsk->sighand->siglock);
231	old = rcu_dereference(tsk->signal->session_keyring);	230	old = tsk->signal->session_keyring;
232	rcu_assign_pointer(tsk->signal->session_keyring, keyring);	231	rcu_assign_pointer(tsk->signal->session_keyring, keyring);
233	spin_unlock_irqrestore(&tsk->sighand->siglock, flags);	232	spin_unlock_irq(&tsk->sighand->siglock);
234		233
235	ret = 0;	234	/* we're using RCU on the pointer, but there's no point synchronising
		235	* on it if it didn't previously point to anything */
		236	if (old) {
		237	synchronize_rcu();
		238	key_put(old);
		239	}
236		240
237	/* we're using RCU on the pointer */	241	return 0;
238	synchronize_rcu();
239	key_put(old);
240	error:
241	return ret;
242		242
243	} /* end install_session_keyring() */	243	} /* end install_session_keyring() */
244		244
@@ -311,7 +311,6 @@ void exit_keys(struct task_struct *tsk)
311	*/	311	*/
312	int exec_keys(struct task_struct *tsk)	312	int exec_keys(struct task_struct *tsk)
313	{	313	{
314	unsigned long flags;
315	struct key *old;	314	struct key *old;
316		315
317	/* newly exec'd tasks don't get a thread keyring */	316	/* newly exec'd tasks don't get a thread keyring */
@@ -323,10 +322,10 @@ int exec_keys(struct task_struct *tsk)
323	key_put(old);	322	key_put(old);
324		323
325	/* discard the process keyring from a newly exec'd task */	324	/* discard the process keyring from a newly exec'd task */
326	spin_lock_irqsave(&tsk->sighand->siglock, flags);	325	spin_lock_irq(&tsk->sighand->siglock);
327	old = tsk->signal->process_keyring;	326	old = tsk->signal->process_keyring;
328	tsk->signal->process_keyring = NULL;	327	tsk->signal->process_keyring = NULL;
329	spin_unlock_irqrestore(&tsk->sighand->siglock, flags);	328	spin_unlock_irq(&tsk->sighand->siglock);
330		329
331	key_put(old);	330	key_put(old);
332		331