Commit 1d6d167c authored by Mimi Zohar's avatar Mimi Zohar

KEYS: refcount bug fix

This patch fixes the key_ref leak, removes the unnecessary KEY_FLAG_KEEP
test before setting the flag, and cleans up the if/then brackets style
introduced in commit:
d3600bcf KEYS: prevent keys from being removed from specified keyrings
Reported-by: default avatarDavid Howells <dhowells@redhat.com>
Signed-off-by: default avatarMimi Zohar <zohar@linux.vnet.ibm.com>
Acked-by: default avatarDavid Howells <dhowells@redhat.com>
parent 6427e6c7
......@@ -430,8 +430,7 @@ static int __key_instantiate_and_link(struct key *key,
/* and link it into the destination keyring */
if (keyring) {
if (test_bit(KEY_FLAG_KEEP, &keyring->flags))
set_bit(KEY_FLAG_KEEP, &key->flags);
set_bit(KEY_FLAG_KEEP, &key->flags);
__key_link(key, _edit);
}
......
......@@ -381,12 +381,11 @@ long keyctl_revoke_key(key_serial_t id)
}
key = key_ref_to_ptr(key_ref);
ret = 0;
if (test_bit(KEY_FLAG_KEEP, &key->flags))
return -EPERM;
else {
ret = -EPERM;
else
key_revoke(key);
ret = 0;
}
key_ref_put(key_ref);
error:
......@@ -432,12 +431,11 @@ long keyctl_invalidate_key(key_serial_t id)
invalidate:
key = key_ref_to_ptr(key_ref);
ret = 0;
if (test_bit(KEY_FLAG_KEEP, &key->flags))
ret = -EPERM;
else {
else
key_invalidate(key);
ret = 0;
}
error_put:
key_ref_put(key_ref);
error:
......@@ -1352,12 +1350,11 @@ long keyctl_set_timeout(key_serial_t id, unsigned timeout)
okay:
key = key_ref_to_ptr(key_ref);
ret = 0;
if (test_bit(KEY_FLAG_KEEP, &key->flags))
ret = -EPERM;
else {
else
key_set_timeout(key, timeout);
ret = 0;
}
key_put(key);
error:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment