summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2012-01-19 11:46:08 -0800
committerLinus Torvalds <torvalds@linux-foundation.org>2012-01-19 11:46:08 -0800
commitafd290945cd283030b51b433a66fe57a8feb28c8 (patch)
treea389cb472d0ca242e02e86becd4a1967dfb0624b
parent90a4c0f51e8e44111a926be6f4c87af3938a79c3 (diff)
parent456a8167e94b66f406c27400a46a707b870452b0 (diff)
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: KEYS: Permit key_serial() to be called with a const key pointer keys: fix user_defined key sparse messages ima: fix cred sparse warning MPILIB: Add a missing ENOMEM check
-rw-r--r--include/linux/key.h2
-rw-r--r--lib/mpi/mpicoder.c2
-rw-r--r--security/integrity/ima/ima_policy.c3
-rw-r--r--security/keys/user_defined.c6
4 files changed, 8 insertions, 5 deletions
diff --git a/include/linux/key.h b/include/linux/key.h
index bfc014c5735..5253471cd2e 100644
--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -271,7 +271,7 @@ extern int keyring_add_key(struct key *keyring,
extern struct key *key_lookup(key_serial_t id);
-static inline key_serial_t key_serial(struct key *key)
+static inline key_serial_t key_serial(const struct key *key)
{
return key ? key->serial : 0;
}
diff --git a/lib/mpi/mpicoder.c b/lib/mpi/mpicoder.c
index fe84bb978e3..716802b774e 100644
--- a/lib/mpi/mpicoder.c
+++ b/lib/mpi/mpicoder.c
@@ -255,6 +255,8 @@ void *mpi_get_buffer(MPI a, unsigned *nbytes, int *sign)
if (!n)
n++; /* avoid zero length allocation */
p = buffer = kmalloc(n, GFP_KERNEL);
+ if (!p)
+ return NULL;
for (i = a->nlimbs - 1; i >= 0; i--) {
alimb = a->d[i];
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index d661afbe474..d45061d02fe 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -99,6 +99,7 @@ static bool ima_match_rules(struct ima_measure_rule_entry *rule,
struct inode *inode, enum ima_hooks func, int mask)
{
struct task_struct *tsk = current;
+ const struct cred *cred = current_cred();
int i;
if ((rule->flags & IMA_FUNC) && rule->func != func)
@@ -108,7 +109,7 @@ static bool ima_match_rules(struct ima_measure_rule_entry *rule,
if ((rule->flags & IMA_FSMAGIC)
&& rule->fsmagic != inode->i_sb->s_magic)
return false;
- if ((rule->flags & IMA_UID) && rule->uid != tsk->cred->uid)
+ if ((rule->flags & IMA_UID) && rule->uid != cred->uid)
return false;
for (i = 0; i < MAX_LSM_RULES; i++) {
int rc = 0;
diff --git a/security/keys/user_defined.c b/security/keys/user_defined.c
index 69ff52c08e9..2aee3c5a3b9 100644
--- a/security/keys/user_defined.c
+++ b/security/keys/user_defined.c
@@ -59,7 +59,7 @@ int user_instantiate(struct key *key, const void *data, size_t datalen)
/* attach the data */
upayload->datalen = datalen;
memcpy(upayload->data, data, datalen);
- rcu_assign_pointer(key->payload.data, upayload);
+ rcu_assign_keypointer(key, upayload);
ret = 0;
error:
@@ -98,7 +98,7 @@ int user_update(struct key *key, const void *data, size_t datalen)
if (ret == 0) {
/* attach the new data, displacing the old */
zap = key->payload.data;
- rcu_assign_pointer(key->payload.data, upayload);
+ rcu_assign_keypointer(key, upayload);
key->expiry = 0;
}
@@ -133,7 +133,7 @@ void user_revoke(struct key *key)
key_payload_reserve(key, 0);
if (upayload) {
- rcu_assign_pointer(key->payload.data, NULL);
+ rcu_assign_keypointer(key, NULL);
kfree_rcu(upayload, rcu);
}
}