diff options
| author | Ingo Molnar <mingo@kernel.org> | 2012-04-13 09:50:21 +0200 |
|---|---|---|
| committer | Ingo Molnar <mingo@kernel.org> | 2012-04-13 09:50:21 +0200 |
| commit | 659c36fcda403013a01b85da07cf2d9711e6d6c7 (patch) | |
| tree | ece2e7d0e2c19ea5a3d0ec172ad0b81a8a19021d /security/keys/keyctl.c | |
| parent | 9521d830b6341d1887dcfc2aebde23fbfa5f1473 (diff) | |
| parent | 5a7ed29c7572d00a75e8c4529e30c5ac2ef82271 (diff) | |
Merge tag 'perf-core-for-mingo' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux into perf/core
Fixes and improvements for perf/core:
. Overhaul the tools/ makefiles, gluing them to the top level Makefile, from
Borislav Petkov.
. Move the UI files from tools/perf/util/ui/ to tools/perf/ui/. Also move
the GTK+ browser to tools/perf/ui/gtk/, from Namhyung Kim.
. Only fallback to sw cycles counter on ENOENT for the hw cycles, from
Robert Richter
. Trivial fixes from Robert Richter
. Handle the autogenerated bison/flex files better, from Namhyung and Jiri Olsa.
. Navigate jump instructions in the annotate browser, just press enter or ->,
still needs support for a jump navigation history, i.e. to go back.
. Search string in the annotate browser: same keys as vim:
/ forward
n next backward/forward
? backward
. Clarify number of events/samples in the report header, from Ashay Rane
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Diffstat (limited to 'security/keys/keyctl.c')
| -rw-r--r-- | security/keys/keyctl.c | 33 |
1 files changed, 16 insertions, 17 deletions
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index 0b3f5d72af1..fb767c6cd99 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c @@ -14,6 +14,7 @@ #include <linux/sched.h> #include <linux/slab.h> #include <linux/syscalls.h> +#include <linux/key.h> #include <linux/keyctl.h> #include <linux/fs.h> #include <linux/capability.h> @@ -388,11 +389,24 @@ long keyctl_keyring_clear(key_serial_t ringid) keyring_ref = lookup_user_key(ringid, KEY_LOOKUP_CREATE, KEY_WRITE); if (IS_ERR(keyring_ref)) { ret = PTR_ERR(keyring_ref); + + /* Root is permitted to invalidate certain special keyrings */ + if (capable(CAP_SYS_ADMIN)) { + keyring_ref = lookup_user_key(ringid, 0, 0); + if (IS_ERR(keyring_ref)) + goto error; + if (test_bit(KEY_FLAG_ROOT_CAN_CLEAR, + &key_ref_to_ptr(keyring_ref)->flags)) + goto clear; + goto error_put; + } + goto error; } +clear: ret = keyring_clear(key_ref_to_ptr(keyring_ref)); - +error_put: key_ref_put(keyring_ref); error: return ret; @@ -1244,10 +1258,8 @@ error: */ long keyctl_set_timeout(key_serial_t id, unsigned timeout) { - struct timespec now; struct key *key, *instkey; key_ref_t key_ref; - time_t expiry; long ret; key_ref = lookup_user_key(id, KEY_LOOKUP_CREATE | KEY_LOOKUP_PARTIAL, @@ -1273,20 +1285,7 @@ long keyctl_set_timeout(key_serial_t id, unsigned timeout) okay: key = key_ref_to_ptr(key_ref); - - /* make the changes with the locks held to prevent races */ - down_write(&key->sem); - - expiry = 0; - if (timeout > 0) { - now = current_kernel_time(); - expiry = now.tv_sec + timeout; - } - - key->expiry = expiry; - key_schedule_gc(key->expiry + key_gc_delay); - - up_write(&key->sem); + key_set_timeout(key, timeout); key_put(key); ret = 0; |