summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2013-02-21 12:00:25 +0000
committerLinus Torvalds <torvalds@linux-foundation.org>2013-02-21 07:56:25 -0800
commitfe9453a1dcb5fb146f9653267e78f4a558066f6f (patch)
treeba144f62734e9d89ed515466972c318de561ccb2
parenta0b1c42951dd06ec83cc1bc2c9788131d9fefcd8 (diff)
downloadlinux-fe9453a1dcb5fb146f9653267e78f4a558066f6f.tar.gz
linux-fe9453a1dcb5fb146f9653267e78f4a558066f6f.tar.bz2
linux-fe9453a1dcb5fb146f9653267e78f4a558066f6f.zip
KEYS: Revert one application of "Fix unreachable code" patch
A patch to fix some unreachable code in search_my_process_keyrings() got applied twice by two different routes upstream as commits e67eab39bee2 and b010520ab3d2 (both "fix unreachable code"). Unfortunately, the second application removed something it shouldn't have and this wasn't detected by GIT. This is due to the patch not having sufficient lines of context to distinguish the two places of application. The effect of this is relatively minor: inside the kernel, the keyring search routines may search multiple keyrings and then prioritise the errors if no keys or negative keys are found in any of them. With the extra deletion, the presence of a negative key in the thread keyring (causing ENOKEY) is incorrectly overridden by an error searching the process keyring. So revert the second application of the patch. Signed-off-by: David Howells <dhowells@redhat.com> Cc: Jiri Kosina <jkosina@suse.cz> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: stable@vger.kernel.org Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--security/keys/process_keys.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index 20e4bf57aec8..58dfe0890947 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -367,6 +367,8 @@ key_ref_t search_my_process_keyrings(struct key_type *type,
switch (PTR_ERR(key_ref)) {
case -EAGAIN: /* no key */
+ if (ret)
+ break;
case -ENOKEY: /* negative key */
ret = key_ref;
break;