Skip to content

Commit

Permalink
KEYS: Revert one application of "Fix unreachable code" patch
Browse files Browse the repository at this point in the history 
A patch to fix some unreachable code in search_my_process_keyrings() got
applied twice by two different routes upstream as commits e67eab3
and b010520 (both "fix unreachable code").

Unfortunately, the second application removed something it shouldn't
have and this wasn't detected by GIT.  This is due to the patch not
having sufficient lines of context to distinguish the two places of
application.

The effect of this is relatively minor: inside the kernel, the keyring
search routines may search multiple keyrings and then prioritise the
errors if no keys or negative keys are found in any of them.  With the
extra deletion, the presence of a negative key in the thread keyring
(causing ENOKEY) is incorrectly overridden by an error searching the
process keyring.

So revert the second application of the patch.

Signed-off-by: David Howells <[email protected]>
Cc: Jiri Kosina <[email protected]>
Cc: Andrew Morton <[email protected]>
Cc: [email protected]
Signed-off-by: Linus Torvalds <[email protected]>
  • Loading branch information
@dhowells @torvalds
dhowells authored and torvalds committed Feb 21, 2013
1 parent a0b1c42 commit fe9453a
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions security/keys/process_keys.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -367,6 +367,8 @@ key_ref_t search_my_process_keyrings(struct key_type *type,

switch (PTR_ERR(key_ref)) {
case -EAGAIN: /* no key */
if (ret)
break;
case -ENOKEY: /* negative key */
ret = key_ref;
break;
Expand Down

0 comments on commit fe9453a

Please sign in to comment.