diff options
| author | Takashi Iwai <tiwai@suse.de> | 2017-05-02 08:25:25 +0200 |
|---|---|---|
| committer | Takashi Iwai <tiwai@suse.de> | 2017-05-02 08:25:25 +0200 |
| commit | a5c3b32a1146e44f6b38fdfdfffc27842953420c (patch) | |
| tree | eca93f51c8deabe77ed079a3e9190717b6380009 /security/keys/keyctl.c | |
| parent | d7dc450d5a7162de96edbed6b1792240c2f3a55f (diff) | |
| parent | 20d5c84bef067b7e804a163e2abca16c47125bad (diff) | |
Merge tag 'asoc-v4.12' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus
ASoC: Updates for v4.12
A quiet release for the core, but lots of new drivers this time around:
- A new, generalized, API for hooking up jacks which makes it easier to
write generic machine drivers for simple cases.
- Continuing fixes for issues with the x86 CPU drivers.
- New drivers for Cirrus CS35L35, DIO DIO2125, Everest ES7132,
HiSilicon hi6210, Maxim MAX98927, MT2701 systems with WM8960, Nuvoton
NAU8824, Odroid systems, ST STM32 SAI controllers and x86 systems with
DA7213
Diffstat (limited to 'security/keys/keyctl.c')
| -rw-r--r-- | security/keys/keyctl.c | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index 52c34532c785..4ad3212adebe 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c @@ -273,7 +273,8 @@ error: * Create and join an anonymous session keyring or join a named session * keyring, creating it if necessary. A named session keyring must have Search * permission for it to be joined. Session keyrings without this permit will - * be skipped over. + * be skipped over. It is not permitted for userspace to create or join + * keyrings whose name begin with a dot. * * If successful, the ID of the joined session keyring will be returned. */ @@ -290,12 +291,16 @@ long keyctl_join_session_keyring(const char __user *_name) ret = PTR_ERR(name); goto error; } + + ret = -EPERM; + if (name[0] == '.') + goto error_name; } /* join the session */ ret = join_session_keyring(name); +error_name: kfree(name); - error: return ret; } @@ -1253,8 +1258,8 @@ error: * Read or set the default keyring in which request_key() will cache keys and * return the old setting. * - * If a process keyring is specified then this will be created if it doesn't - * yet exist. The old setting will be returned if successful. + * If a thread or process keyring is specified then it will be created if it + * doesn't yet exist. The old setting will be returned if successful. */ long keyctl_set_reqkey_keyring(int reqkey_defl) { @@ -1279,11 +1284,8 @@ long keyctl_set_reqkey_keyring(int reqkey_defl) case KEY_REQKEY_DEFL_PROCESS_KEYRING: ret = install_process_keyring_to_cred(new); - if (ret < 0) { - if (ret != -EEXIST) - goto error; - ret = 0; - } + if (ret < 0) + goto error; goto set; case KEY_REQKEY_DEFL_DEFAULT: |