summaryrefslogtreecommitdiffstats
path: root/security/keys/request_key.c
diff options
context:
space:
mode:
authorDave Airlie <airlied@redhat.com>2010-05-19 01:35:51 +0200
committerDave Airlie <airlied@redhat.com>2010-05-19 01:35:51 +0200
commit05ea893c46805b2981ea8ba6df881e3d65edd63b (patch)
treeea381e22d99f49bd2c95238f88491d48b797a17b /security/keys/request_key.c
parentdrm/radeon/pm: fix device_create_file return value checks. (diff)
parentdrm/i915: Fix out of tree builds (diff)
downloadlinux-05ea893c46805b2981ea8ba6df881e3d65edd63b.tar.xz
linux-05ea893c46805b2981ea8ba6df881e3d65edd63b.zip
Merge remote branch 'anholt/drm-intel-next' into drm-next
* anholt/drm-intel-next: (515 commits) drm/i915: Fix out of tree builds drm/i915: move fence lru to struct drm_i915_fence_reg drm/i915: don't allow tiling changes on pinned buffers v2 drm/i915: Be extra careful about A/D matching for multifunction SDVO drm/i915: Fix DDC bus selection for multifunction SDVO drm/i915: cleanup mode setting before unmapping registers drm/i915: Make fbc control wrapper functions drm/i915: Wait for the GPU whilst shrinking, if truly desperate. drm/i915: Use spatio-temporal dithering on PCH [MTD] Remove zero-length files mtdbdi.c and internal.ho pata_pcmcia / ide-cs: Fix bad hashes for Transcend and kingston IDs libata: Fix several inaccuracies in developer's guide slub: Fix bad boundary check in init_kmem_cache_nodes() raid6: fix recovery performance regression KEYS: call_sbin_request_key() must write lock keyrings before modifying them KEYS: Use RCU dereference wrappers in keyring key type code KEYS: find_keyring_by_name() can gain access to a freed keyring ALSA: hda: Fix 0 dB for Packard Bell models using Conexant CX20549 (Venice) ALSA: hda - Add quirk for Dell Inspiron 19T using a Conexant CX20582 ALSA: take tu->qlock with irqs disabled ...
Diffstat (limited to 'security/keys/request_key.c')
-rw-r--r--security/keys/request_key.c24
1 files changed, 17 insertions, 7 deletions
diff --git a/security/keys/request_key.c b/security/keys/request_key.c
index 03fe63ed55bd..d8c1a6a0fb08 100644
--- a/security/keys/request_key.c
+++ b/security/keys/request_key.c
@@ -68,7 +68,8 @@ static int call_sbin_request_key(struct key_construction *cons,
{
const struct cred *cred = current_cred();
key_serial_t prkey, sskey;
- struct key *key = cons->key, *authkey = cons->authkey, *keyring;
+ struct key *key = cons->key, *authkey = cons->authkey, *keyring,
+ *session;
char *argv[9], *envp[3], uid_str[12], gid_str[12];
char key_str[12], keyring_str[3][12];
char desc[20];
@@ -93,7 +94,7 @@ static int call_sbin_request_key(struct key_construction *cons,
}
/* attach the auth key to the session keyring */
- ret = __key_link(keyring, authkey);
+ ret = key_link(keyring, authkey);
if (ret < 0)
goto error_link;
@@ -112,10 +113,12 @@ static int call_sbin_request_key(struct key_construction *cons,
if (cred->tgcred->process_keyring)
prkey = cred->tgcred->process_keyring->serial;
- if (cred->tgcred->session_keyring)
- sskey = rcu_dereference(cred->tgcred->session_keyring)->serial;
- else
- sskey = cred->user->session_keyring->serial;
+ rcu_read_lock();
+ session = rcu_dereference(cred->tgcred->session_keyring);
+ if (!session)
+ session = cred->user->session_keyring;
+ sskey = session->serial;
+ rcu_read_unlock();
sprintf(keyring_str[2], "%d", sskey);
@@ -336,8 +339,10 @@ static int construct_alloc_key(struct key_type *type,
key_already_present:
mutex_unlock(&key_construction_mutex);
- if (dest_keyring)
+ if (dest_keyring) {
+ __key_link(dest_keyring, key_ref_to_ptr(key_ref));
up_write(&dest_keyring->sem);
+ }
mutex_unlock(&user->cons_lock);
key_put(key);
*_key = key = key_ref_to_ptr(key_ref);
@@ -428,6 +433,11 @@ struct key *request_key_and_link(struct key_type *type,
if (!IS_ERR(key_ref)) {
key = key_ref_to_ptr(key_ref);
+ if (dest_keyring) {
+ construct_get_dest_keyring(&dest_keyring);
+ key_link(dest_keyring, key);
+ key_put(dest_keyring);
+ }
} else if (PTR_ERR(key_ref) != -EAGAIN) {
key = ERR_CAST(key_ref);
} else {