Merge branch 'for-linus2' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

Pull security layer fixes from James Morris: "A fix for SELinux policy processing (regression introduced by commit fa1aa143ac4a: "selinux: extended permissions for ioctls"), as well as a fix for the user-triggerable oops in the Keys code" * 'for-linus2' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: KEYS: Fix handling of stored error in a negatively instantiated user key selinux: fix bug in conditional rules handling
author: Linus Torvalds <torvalds@linux-foundation.org> 2015-11-27 15:27:52 -0800
committer: Linus Torvalds <torvalds@linux-foundation.org> 2015-11-27 15:27:52 -0800
commit: 7e4b9359f483fe270c176cc37aaad54d5d1b6a1c (patch)
tree: 8e1606c2c90fb85ff1cae51a19b1cc2d41d0da87 /security/keys/user_defined.c
parent: c64410f3eca037f831e9db7cf880e600acc841af (diff)
parent: 6e37592900f1e75c2031ec10886f4858a260aeec (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/security/keys/user_defined.c b/security/keys/user_defined.c
index 28cb30f80256..8705d79b2c6f 100644
--- a/security/keys/user_defined.c
+++ b/security/keys/user_defined.c
@@ -120,7 +120,10 @@ int user_update(struct key *key, struct key_preparsed_payload *prep)
 
 	if (ret == 0) {
 		/* attach the new data, displacing the old */
-		zap = key->payload.data[0];
+		if (!test_bit(KEY_FLAG_NEGATIVE, &key->flags))
+			zap = key->payload.data[0];
+		else
+			zap = NULL;
 		rcu_assign_keypointer(key, upayload);
 		key->expiry = 0;
 	}
author	Linus Torvalds <torvalds@linux-foundation.org>	2015-11-27 15:27:52 -0800
committer	Linus Torvalds <torvalds@linux-foundation.org>	2015-11-27 15:27:52 -0800
commit	7e4b9359f483fe270c176cc37aaad54d5d1b6a1c (patch)
tree	8e1606c2c90fb85ff1cae51a19b1cc2d41d0da87 /security/keys/user_defined.c
parent	c64410f3eca037f831e9db7cf880e600acc841af (diff)
parent	6e37592900f1e75c2031ec10886f4858a260aeec (diff)