14 files changed, 45 insertions, 33 deletions

diff --git a/security/commoncap.c b/security/commoncap.c
index 64c2ed9c9015..dbfdaed4cc66 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -93,7 +93,7 @@ int cap_capable(struct task_struct *tsk, const struct cred *cred, int cap,
  * Determine whether the current process may set the system clock and timezone
  * information, returning 0 if permission granted, -ve if denied.
  */
-int cap_settime(struct timespec *ts, struct timezone *tz)
+int cap_settime(const struct timespec *ts, const struct timezone *tz)
 {
         if (!capable(CAP_SYS_TIME))
                 return -EPERM;
diff --git a/security/keys/Makefile b/security/keys/Makefile
index 6c941050f573..1bf090a885fe 100644
--- a/security/keys/Makefile
+++ b/security/keys/Makefile
@@ -13,8 +13,8 @@ obj-y := \
         request_key_auth.o \
         user_defined.o
 
-obj-$(CONFIG_TRUSTED_KEYS) += trusted_defined.o
-obj-$(CONFIG_ENCRYPTED_KEYS) += encrypted_defined.o
+obj-$(CONFIG_TRUSTED_KEYS) += trusted.o
+obj-$(CONFIG_ENCRYPTED_KEYS) += encrypted.o
 obj-$(CONFIG_KEYS_COMPAT) += compat.o
 obj-$(CONFIG_PROC_FS) += proc.o
 obj-$(CONFIG_SYSCTL) += sysctl.o
diff --git a/security/keys/encrypted_defined.c b/security/keys/encrypted.c
index 28791a65740e..9e7e4ce3fae8 100644
--- a/security/keys/encrypted_defined.c
+++ b/security/keys/encrypted.c
@@ -30,7 +30,7 @@
 #include <crypto/sha.h>
 #include <crypto/aes.h>
 
-#include "encrypted_defined.h"
+#include "encrypted.h"
 
 static const char KEY_TRUSTED_PREFIX[] = "trusted:";
 static const char KEY_USER_PREFIX[] = "user:";
@@ -888,6 +888,7 @@ static int __init init_encrypted(void)
 out:
         encrypted_shash_release();
         return ret;
+
 }
 
 static void __exit cleanup_encrypted(void)
diff --git a/security/keys/encrypted_defined.h b/security/keys/encrypted.h
index cef5e2f2b7d1..cef5e2f2b7d1 100644
--- a/security/keys/encrypted_defined.h
+++ b/security/keys/encrypted.h
diff --git a/security/keys/internal.h b/security/keys/internal.h
index edfa50dbd6f5..a52aa7c88b41 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -87,13 +87,13 @@ extern void key_type_put(struct key_type *ktype);
 extern int __key_link_begin(struct key *keyring,
                             const struct key_type *type,
                             const char *description,
-                            struct keyring_list **_prealloc);
+                            unsigned long *_prealloc);
 extern int __key_link_check_live_key(struct key *keyring, struct key *key);
 extern void __key_link(struct key *keyring, struct key *key,
-                       struct keyring_list **_prealloc);
+                       unsigned long *_prealloc);
 extern void __key_link_end(struct key *keyring,
                            struct key_type *type,
-                           struct keyring_list *prealloc);
+                           unsigned long prealloc);
 
 extern key_ref_t __keyring_search_one(key_ref_t keyring_ref,
                                       const struct key_type *type,
diff --git a/security/keys/key.c b/security/keys/key.c
index 84d4eb568b08..1c2d43dc5107 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -415,7 +415,7 @@ static int __key_instantiate_and_link(struct key *key,
                                       size_t datalen,
                                       struct key *keyring,
                                       struct key *authkey,
-                                      struct keyring_list **_prealloc)
+                                      unsigned long *_prealloc)
 {
         int ret, awaken;
 
@@ -481,7 +481,7 @@ int key_instantiate_and_link(struct key *key,
                              struct key *keyring,
                              struct key *authkey)
 {
-        struct keyring_list *prealloc;
+        unsigned long prealloc;
         int ret;
 
         if (keyring) {
@@ -526,7 +526,7 @@ int key_negate_and_link(struct key *key,
                         struct key *keyring,
                         struct key *authkey)
 {
-        struct keyring_list *prealloc;
+        unsigned long prealloc;
         struct timespec now;
         int ret, awaken, link_ret = 0;
 
@@ -814,7 +814,7 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref,
                                key_perm_t perm,
                                unsigned long flags)
 {
-        struct keyring_list *prealloc;
+        unsigned long prealloc;
         const struct cred *cred = current_cred();
         struct key_type *ktype;
         struct key *keyring, *key = NULL;
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index 92024ed12e0a..5620f084dede 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -25,6 +25,8 @@
                 (keyring)->payload.subscriptions,                       \
                 rwsem_is_locked((struct rw_semaphore *)&(keyring)->sem)))
 
+#define KEY_LINK_FIXQUOTA 1UL
+
 /*
  * When plumbing the depths of the key tree, this sets a hard limit
  * set on how deep we're willing to go.
@@ -699,11 +701,11 @@ static void keyring_unlink_rcu_disposal(struct rcu_head *rcu)
  * Preallocate memory so that a key can be linked into to a keyring.
  */
 int __key_link_begin(struct key *keyring, const struct key_type *type,
-                     const char *description,
-                     struct keyring_list **_prealloc)
+                     const char *description, unsigned long *_prealloc)
         __acquires(&keyring->sem)
 {
         struct keyring_list *klist, *nklist;
+        unsigned long prealloc;
         unsigned max;
         size_t size;
         int loop, ret;
@@ -746,6 +748,7 @@ int __key_link_begin(struct key *keyring, const struct key_type *type,
 
                                 /* note replacement slot */
                                 klist->delkey = nklist->delkey = loop;
+                                prealloc = (unsigned long)nklist;
                                 goto done;
                         }
                 }
@@ -760,6 +763,7 @@ int __key_link_begin(struct key *keyring, const struct key_type *type,
         if (klist && klist->nkeys < klist->maxkeys) {
                 /* there's sufficient slack space to append directly */
                 nklist = NULL;
+                prealloc = KEY_LINK_FIXQUOTA;
         } else {
                 /* grow the key list */
                 max = 4;
@@ -794,8 +798,9 @@ int __key_link_begin(struct key *keyring, const struct key_type *type,
                 nklist->keys[nklist->delkey] = NULL;
         }
 
+        prealloc = (unsigned long)nklist | KEY_LINK_FIXQUOTA;
 done:
-        *_prealloc = nklist;
+        *_prealloc = prealloc;
         kleave(" = 0");
         return 0;
 
@@ -836,12 +841,12 @@ int __key_link_check_live_key(struct key *keyring, struct key *key)
  * combination.
  */
 void __key_link(struct key *keyring, struct key *key,
-                struct keyring_list **_prealloc)
+                unsigned long *_prealloc)
 {
         struct keyring_list *klist, *nklist;
 
-        nklist = *_prealloc;
-        *_prealloc = NULL;
+        nklist = (struct keyring_list *)(*_prealloc & ~KEY_LINK_FIXQUOTA);
+        *_prealloc = 0;
 
         kenter("%d,%d,%p", keyring->serial, key->serial, nklist);
 
@@ -881,20 +886,22 @@ void __key_link(struct key *keyring, struct key *key,
  * Must be called with __key_link_begin() having being called.
  */
 void __key_link_end(struct key *keyring, struct key_type *type,
-                    struct keyring_list *prealloc)
+                    unsigned long prealloc)
         __releases(&keyring->sem)
 {
         BUG_ON(type == NULL);
         BUG_ON(type->name == NULL);
-        kenter("%d,%s,%p", keyring->serial, type->name, prealloc);
+        kenter("%d,%s,%lx", keyring->serial, type->name, prealloc);
 
         if (type == &key_type_keyring)
                 up_write(&keyring_serialise_link_sem);
 
         if (prealloc) {
-                kfree(prealloc);
-                key_payload_reserve(keyring,
-                                    keyring->datalen - KEYQUOTA_LINK_BYTES);
+                if (prealloc & KEY_LINK_FIXQUOTA)
+                        key_payload_reserve(keyring,
+                                            keyring->datalen -
+                                            KEYQUOTA_LINK_BYTES);
+                kfree((struct keyring_list *)(prealloc & ~KEY_LINK_FIXQUOTA));
         }
         up_write(&keyring->sem);
 }
@@ -921,7 +928,7 @@ void __key_link_end(struct key *keyring, struct key_type *type,
  */
 int key_link(struct key *keyring, struct key *key)
 {
-        struct keyring_list *prealloc;
+        unsigned long prealloc;
         int ret;
 
         key_check(keyring);
diff --git a/security/keys/request_key.c b/security/keys/request_key.c
index 9a7fb3914b27..a3dc0d460def 100644
--- a/security/keys/request_key.c
+++ b/security/keys/request_key.c
@@ -352,8 +352,8 @@ static int construct_alloc_key(struct key_type *type,
                                struct key_user *user,
                                struct key **_key)
 {
-        struct keyring_list *prealloc;
         const struct cred *cred = current_cred();
+        unsigned long prealloc;
         struct key *key;
         key_ref_t key_ref;
         int ret;
diff --git a/security/keys/trusted_defined.c b/security/keys/trusted.c
index 2836c6dc18a3..83fc92e297cd 100644
--- a/security/keys/trusted_defined.c
+++ b/security/keys/trusted.c
@@ -29,7 +29,7 @@
 #include <linux/tpm.h>
 #include <linux/tpm_command.h>
 
-#include "trusted_defined.h"
+#include "trusted.h"
 
 static const char hmac_alg[] = "hmac(sha1)";
 static const char hash_alg[] = "sha1";
@@ -1032,6 +1032,7 @@ static int trusted_update(struct key *key, const void *data, size_t datalen)
         ret = datablob_parse(datablob, new_p, new_o);
         if (ret != Opt_update) {
                 ret = -EINVAL;
+                kfree(new_p);
                 goto out;
         }
         /* copy old key values, and reseal with new pcrs */
diff --git a/security/keys/trusted_defined.h b/security/keys/trusted.h
index 3249fbd2b653..3249fbd2b653 100644
--- a/security/keys/trusted_defined.h
+++ b/security/keys/trusted.h
diff --git a/security/security.c b/security/security.c
index 739e40362f44..bb33ecadcf95 100644
--- a/security/security.c
+++ b/security/security.c
@@ -154,10 +154,9 @@ int security_capset(struct cred *new, const struct cred *old,
                                     effective, inheritable, permitted);
 }
 
-int security_capable(int cap)
+int security_capable(const struct cred *cred, int cap)
 {
-        return security_ops->capable(current, current_cred(), cap,
-                                     SECURITY_CAP_AUDIT);
+        return security_ops->capable(current, cred, cap, SECURITY_CAP_AUDIT);
 }
 
 int security_real_capable(struct task_struct *tsk, int cap)
@@ -202,7 +201,7 @@ int security_syslog(int type)
         return security_ops->syslog(type);
 }
 
-int security_settime(struct timespec *ts, struct timezone *tz)
+int security_settime(const struct timespec *ts, const struct timezone *tz)
 {
         return security_ops->settime(ts, tz);
 }
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index e276eb468536..c8d699270687 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -3198,7 +3198,11 @@ static void selinux_cred_free(struct cred *cred)
 {
         struct task_security_struct *tsec = cred->security;
 
-        BUG_ON((unsigned long) cred->security < PAGE_SIZE);
+        /*
+         * cred->security == NULL if security_cred_alloc_blank() or
+         * security_prepare_creds() returned an error.
+         */
+        BUG_ON(cred->security && (unsigned long) cred->security < PAGE_SIZE);
         cred->security = (void *) 0x7UL;
         kfree(tsec);
 }
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index c3f845cbcd48..a53373207fb4 100644
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -178,7 +178,7 @@ int cond_init_bool_indexes(struct policydb *p)
         p->bool_val_to_struct = (struct cond_bool_datum **)
                 kmalloc(p->p_bools.nprim * sizeof(struct cond_bool_datum *), GFP_KERNEL);
         if (!p->bool_val_to_struct)
-                return -1;
+                return -ENOMEM;
         return 0;
 }
 
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index be9de3872837..57363562f0f8 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -501,8 +501,8 @@ static int policydb_index(struct policydb *p)
         if (rc)
                 goto out;
 
-        rc = -ENOMEM;
-        if (cond_init_bool_indexes(p))
+        rc = cond_init_bool_indexes(p);
+        if (rc)
                 goto out;
 
         for (i = 0; i < SYM_NUM; i++) {