summaryrefslogtreecommitdiffstats
path: root/security/keys/keyring.c
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2013-09-24 11:35:17 +0200
committerDavid Howells <dhowells@redhat.com>2013-09-24 11:35:17 +0200
commite57e8669f2ab8350d30f771dd2fdd5377f183db2 (patch)
tree8344918b6ac5ca26792460aec1d5a60c1ede88e2 /security/keys/keyring.c
parentKEYS: Define a __key_get() wrapper to use rather than atomic_inc() (diff)
downloadlinux-e57e8669f2ab8350d30f771dd2fdd5377f183db2.tar.xz
linux-e57e8669f2ab8350d30f771dd2fdd5377f183db2.zip
KEYS: Drop the permissions argument from __keyring_search_one()
Drop the permissions argument from __keyring_search_one() as the only caller passes 0 here - which causes all checks to be skipped. Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'security/keys/keyring.c')
-rw-r--r--security/keys/keyring.c9
1 files changed, 3 insertions, 6 deletions
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index 87eff32b53f4..eeef1a073db4 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -531,15 +531,14 @@ EXPORT_SYMBOL(keyring_search);
* RCU is used to make it unnecessary to lock the keyring key list here.
*
* Returns a pointer to the found key with usage count incremented if
- * successful and returns -ENOKEY if not found. Revoked keys and keys not
- * providing the requested permission are skipped over.
+ * successful and returns -ENOKEY if not found. Revoked and invalidated keys
+ * are skipped over.
*
* If successful, the possession indicator is propagated from the keyring ref
* to the returned key reference.
*/
key_ref_t __keyring_search_one(key_ref_t keyring_ref,
- const struct keyring_index_key *index_key,
- key_perm_t perm)
+ const struct keyring_index_key *index_key)
{
struct keyring_list *klist;
struct key *keyring, *key;
@@ -560,8 +559,6 @@ key_ref_t __keyring_search_one(key_ref_t keyring_ref,
if (key->type == index_key->type &&
(!key->type->match ||
key->type->match(key, index_key->description)) &&
- key_permission(make_key_ref(key, possessed),
- perm) == 0 &&
!(key->flags & ((1 << KEY_FLAG_INVALIDATED) |
(1 << KEY_FLAG_REVOKED)))
)