diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/keys/keyring.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/security/keys/keyring.c b/security/keys/keyring.c index 2fb2bc9712ae..29de5ee3457b 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c | |||
| @@ -705,13 +705,14 @@ int __key_link(struct key *keyring, struct key *key) | |||
| 705 | if (keyring->type != &key_type_keyring) | 705 | if (keyring->type != &key_type_keyring) |
| 706 | goto error; | 706 | goto error; |
| 707 | 707 | ||
| 708 | /* serialise link/link calls to prevent parallel calls causing a | 708 | /* do some special keyring->keyring link checks */ |
| 709 | * cycle when applied to two keyring in opposite orders */ | ||
| 710 | down_write(&keyring_serialise_link_sem); | ||
| 711 | |||
| 712 | /* check that we aren't going to create a cycle adding one keyring to | ||
| 713 | * another */ | ||
| 714 | if (key->type == &key_type_keyring) { | 709 | if (key->type == &key_type_keyring) { |
| 710 | /* serialise link/link calls to prevent parallel calls causing | ||
| 711 | * a cycle when applied to two keyring in opposite orders */ | ||
| 712 | down_write(&keyring_serialise_link_sem); | ||
| 713 | |||
| 714 | /* check that we aren't going to create a cycle adding one | ||
| 715 | * keyring to another */ | ||
| 715 | ret = keyring_detect_cycle(keyring, key); | 716 | ret = keyring_detect_cycle(keyring, key); |
| 716 | if (ret < 0) | 717 | if (ret < 0) |
| 717 | goto error2; | 718 | goto error2; |
| @@ -814,7 +815,8 @@ int __key_link(struct key *keyring, struct key *key) | |||
| 814 | done: | 815 | done: |
| 815 | ret = 0; | 816 | ret = 0; |
| 816 | error2: | 817 | error2: |
| 817 | up_write(&keyring_serialise_link_sem); | 818 | if (key->type == &key_type_keyring) |
| 819 | up_write(&keyring_serialise_link_sem); | ||
| 818 | error: | 820 | error: |
| 819 | return ret; | 821 | return ret; |
| 820 | 822 | ||