KEYS: request_key() should return -ENOKEY if the constructed key is negative

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

request_key() should return -ENOKEY if the key it constructs has been
negatively instantiated.

Without this, request_key() can return an unusable key to its caller,
and if the caller then does key_validate() that won't catch the problem.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

authored by

David Howells and committed by

Linus Torvalds 15 years ago 1e456a12 fc1caf6e

1 changed file

expand all

security

keys

request_key.c

security/keys/request_key.c

··· 537 537 intr ? TASK_INTERRUPTIBLE : TASK_UNINTERRUPTIBLE); 538 538 if (ret < 0) 539 539 return ret; 540 + if (test_bit(KEY_FLAG_NEGATIVE, &key->flags)) 541 + return -ENOKEY; 540 542 return key_validate(key); 541 543 } 542 544 EXPORT_SYMBOL(wait_for_key_construction);