diff options
author | David Howells <dhowells@redhat.com> | 2013-02-21 12:00:25 +0000 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2013-02-21 07:56:25 -0800 |
commit | fe9453a1dcb5fb146f9653267e78f4a558066f6f (patch) | |
tree | ba144f62734e9d89ed515466972c318de561ccb2 | |
parent | a0b1c42951dd06ec83cc1bc2c9788131d9fefcd8 (diff) | |
download | linux-fe9453a1dcb5fb146f9653267e78f4a558066f6f.tar.gz linux-fe9453a1dcb5fb146f9653267e78f4a558066f6f.tar.bz2 linux-fe9453a1dcb5fb146f9653267e78f4a558066f6f.zip |
KEYS: Revert one application of "Fix unreachable code" patch
A patch to fix some unreachable code in search_my_process_keyrings() got
applied twice by two different routes upstream as commits e67eab39bee2
and b010520ab3d2 (both "fix unreachable code").
Unfortunately, the second application removed something it shouldn't
have and this wasn't detected by GIT. This is due to the patch not
having sufficient lines of context to distinguish the two places of
application.
The effect of this is relatively minor: inside the kernel, the keyring
search routines may search multiple keyrings and then prioritise the
errors if no keys or negative keys are found in any of them. With the
extra deletion, the presence of a negative key in the thread keyring
(causing ENOKEY) is incorrectly overridden by an error searching the
process keyring.
So revert the second application of the patch.
Signed-off-by: David Howells <dhowells@redhat.com>
Cc: Jiri Kosina <jkosina@suse.cz>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: stable@vger.kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r-- | security/keys/process_keys.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c index 20e4bf57aec8..58dfe0890947 100644 --- a/security/keys/process_keys.c +++ b/security/keys/process_keys.c @@ -367,6 +367,8 @@ key_ref_t search_my_process_keyrings(struct key_type *type, switch (PTR_ERR(key_ref)) { case -EAGAIN: /* no key */ + if (ret) + break; case -ENOKEY: /* negative key */ ret = key_ref; break; |