* Patch "KEYS: refcount bug fix" has been added to the 4.4-stable tree
@ 2016-01-20 16:59 gregkh
0 siblings, 0 replies; only message in thread
From: gregkh @ 2016-01-20 16:59 UTC (permalink / raw)
To: zohar, dhowells, gregkh; +Cc: stable, stable-commits
This is a note to let you know that I've just added the patch titled
KEYS: refcount bug fix
to the 4.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
keys-refcount-bug-fix.patch
and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.
>From 1d6d167c2efcfe9539d9cffb1a1be9c92e39c2c0 Mon Sep 17 00:00:00 2001
From: Mimi Zohar <zohar@linux.vnet.ibm.com>
Date: Thu, 7 Jan 2016 07:46:36 -0500
Subject: KEYS: refcount bug fix
From: Mimi Zohar <zohar@linux.vnet.ibm.com>
commit 1d6d167c2efcfe9539d9cffb1a1be9c92e39c2c0 upstream.
This patch fixes the key_ref leak, removes the unnecessary KEY_FLAG_KEEP
test before setting the flag, and cleans up the if/then brackets style
introduced in commit:
d3600bc KEYS: prevent keys from being removed from specified keyrings
Reported-by: David Howells <dhowells@redhat.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Acked-by: David Howells <dhowells@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
security/keys/key.c | 3 +--
security/keys/keyctl.c | 17 +++++++----------
2 files changed, 8 insertions(+), 12 deletions(-)
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -430,8 +430,7 @@ static int __key_instantiate_and_link(st
/* and link it into the destination keyring */
if (keyring) {
- if (test_bit(KEY_FLAG_KEEP, &keyring->flags))
- set_bit(KEY_FLAG_KEEP, &key->flags);
+ set_bit(KEY_FLAG_KEEP, &key->flags);
__key_link(key, _edit);
}
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -381,12 +381,11 @@ long keyctl_revoke_key(key_serial_t id)
}
key = key_ref_to_ptr(key_ref);
+ ret = 0;
if (test_bit(KEY_FLAG_KEEP, &key->flags))
- return -EPERM;
- else {
+ ret = -EPERM;
+ else
key_revoke(key);
- ret = 0;
- }
key_ref_put(key_ref);
error:
@@ -432,12 +431,11 @@ long keyctl_invalidate_key(key_serial_t
invalidate:
key = key_ref_to_ptr(key_ref);
+ ret = 0;
if (test_bit(KEY_FLAG_KEEP, &key->flags))
ret = -EPERM;
- else {
+ else
key_invalidate(key);
- ret = 0;
- }
error_put:
key_ref_put(key_ref);
error:
@@ -1352,12 +1350,11 @@ long keyctl_set_timeout(key_serial_t id,
okay:
key = key_ref_to_ptr(key_ref);
+ ret = 0;
if (test_bit(KEY_FLAG_KEEP, &key->flags))
ret = -EPERM;
- else {
+ else
key_set_timeout(key, timeout);
- ret = 0;
- }
key_put(key);
error:
Patches currently in stable-queue which might be from zohar@linux.vnet.ibm.com are
queue-4.4/keys-refcount-bug-fix.patch
queue-4.4/keys-prevent-keys-from-being-removed-from-specified-keyrings.patch
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2016-01-20 16:59 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-01-20 16:59 Patch "KEYS: refcount bug fix" has been added to the 4.4-stable tree gregkh
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).