diff options
| author | David Howells <dhowells@redhat.com> | 2011-01-25 16:34:28 +0000 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2011-01-26 08:58:20 +1000 |
| commit | ceb73c12047b8d543570b23353e7848eb7c540a1 (patch) | |
| tree | a637dc88d418be1b705a66bea375af955bd14e22 /security/keys/request_key.c | |
| parent | f5c66d70ac2a9016a7ad481bd37e39afd7dd7369 (diff) | |
KEYS: Fix __key_link_end() quota fixup on error
Fix __key_link_end()'s attempt to fix up the quota if an error occurs.
There are two erroneous cases: Firstly, we always decrease the quota if
the preallocated replacement keyring needs cleaning up, irrespective of
whether or not we should (we may have replaced a pointer rather than
adding another pointer).
Secondly, we never clean up the quota if we added a pointer without the
keyring storage being extended (we allocate multiple pointers at a time,
even if we're not going to use them all immediately).
We handle this by setting the bottom bit of the preallocation pointer in
__key_link_begin() to indicate that the quota needs fixing up, which is
then passed to __key_link() (which clears the whole thing) and
__key_link_end().
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security/keys/request_key.c')
| -rw-r--r-- | security/keys/request_key.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/keys/request_key.c b/security/keys/request_key.c index 9a7fb3914b27..a3dc0d460def 100644 --- a/security/keys/request_key.c +++ b/security/keys/request_key.c @@ -352,8 +352,8 @@ static int construct_alloc_key(struct key_type *type, struct key_user *user, struct key **_key) { - struct keyring_list *prealloc; const struct cred *cred = current_cred(); + unsigned long prealloc; struct key *key; key_ref_t key_ref; int ret; |