summaryrefslogtreecommitdiff
path: root/security/keys/trusted.c
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2015-11-27 15:27:52 -0800
committerLinus Torvalds <torvalds@linux-foundation.org>2015-11-27 15:27:52 -0800
commit7e4b9359f483fe270c176cc37aaad54d5d1b6a1c (patch)
tree8e1606c2c90fb85ff1cae51a19b1cc2d41d0da87 /security/keys/trusted.c
parentc64410f3eca037f831e9db7cf880e600acc841af (diff)
parent6e37592900f1e75c2031ec10886f4858a260aeec (diff)
Merge branch 'for-linus2' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security layer fixes from James Morris: "A fix for SELinux policy processing (regression introduced by commit fa1aa143ac4a: "selinux: extended permissions for ioctls"), as well as a fix for the user-triggerable oops in the Keys code" * 'for-linus2' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: KEYS: Fix handling of stored error in a negatively instantiated user key selinux: fix bug in conditional rules handling
Diffstat (limited to 'security/keys/trusted.c')
-rw-r--r--security/keys/trusted.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index 903dace648a1..16dec53184b6 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -1007,13 +1007,16 @@ static void trusted_rcu_free(struct rcu_head *rcu)
*/
static int trusted_update(struct key *key, struct key_preparsed_payload *prep)
{
- struct trusted_key_payload *p = key->payload.data[0];
+ struct trusted_key_payload *p;
struct trusted_key_payload *new_p;
struct trusted_key_options *new_o;
size_t datalen = prep->datalen;
char *datablob;
int ret = 0;
+ if (test_bit(KEY_FLAG_NEGATIVE, &key->flags))
+ return -ENOKEY;
+ p = key->payload.data[0];
if (!p->migratable)
return -EPERM;
if (datalen <= 0 || datalen > 32767 || !prep->data)
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-16 01:16:21 +0000