summaryrefslogtreecommitdiffstats
path: root/security/integrity
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2019-06-26 22:02:32 +0200
committerDavid Howells <dhowells@redhat.com>2019-06-26 22:02:32 +0200
commitdcf49dbc8077e278ddd1bc7298abc781496e8a08 (patch)
treee187765e6336fefc35d83f5b75b7cbe1d4ec194a /security/integrity
parentkeys: Cache the hash value to avoid lots of recalculation (diff)
downloadlinux-dcf49dbc8077e278ddd1bc7298abc781496e8a08.tar.xz
linux-dcf49dbc8077e278ddd1bc7298abc781496e8a08.zip
keys: Add a 'recurse' flag for keyring searches
Add a 'recurse' flag for keyring searches so that the flag can be omitted and recursion disabled, thereby allowing just the nominated keyring to be searched and none of the children. Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'security/integrity')
-rw-r--r--security/integrity/digsig_asymmetric.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/security/integrity/digsig_asymmetric.c b/security/integrity/digsig_asymmetric.c
index 99080871eb9f..358f614811e8 100644
--- a/security/integrity/digsig_asymmetric.c
+++ b/security/integrity/digsig_asymmetric.c
@@ -39,7 +39,7 @@ static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid)
key_ref_t kref;
kref = keyring_search(make_key_ref(key, 1),
- &key_type_asymmetric, name);
+ &key_type_asymmetric, name, true);
if (!IS_ERR(kref)) {
pr_err("Key '%s' is in ima_blacklist_keyring\n", name);
return ERR_PTR(-EKEYREJECTED);
@@ -51,7 +51,7 @@ static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid)
key_ref_t kref;
kref = keyring_search(make_key_ref(keyring, 1),
- &key_type_asymmetric, name);
+ &key_type_asymmetric, name, true);
if (IS_ERR(kref))
key = ERR_CAST(kref);
else