git.openpandora.org / pandora-kernel.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw (from parent 1: 90a4c0f)
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris...
authorLinus Torvalds <torvalds@linux-foundation.org>
Thu, 19 Jan 2012 19:46:08 +0000 (11:46 -0800)
committerLinus Torvalds <torvalds@linux-foundation.org>
Thu, 19 Jan 2012 19:46:08 +0000 (11:46 -0800)
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
  KEYS: Permit key_serial() to be called with a const key pointer
  keys: fix user_defined key sparse messages
  ima: fix cred sparse warning
  MPILIB: Add a missing ENOMEM check

include/linux/key.h patch | blob | history
lib/mpi/mpicoder.c patch | blob | history
security/integrity/ima/ima_policy.c patch | blob | history
security/keys/user_defined.c patch | blob | history

diff --git a/include/linux/key.h b/include/linux/key.h
index bfc014c..5253471 100644 (file)
--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -271,7 +271,7 @@ extern int keyring_add_key(struct key *keyring,
 
 extern struct key *key_lookup(key_serial_t id);
 
-static inline key_serial_t key_serial(struct key *key)
+static inline key_serial_t key_serial(const struct key *key)
 {
        return key ? key->serial : 0;
 }
diff --git a/lib/mpi/mpicoder.c b/lib/mpi/mpicoder.c
index fe84bb9..716802b 100644 (file)
--- a/lib/mpi/mpicoder.c
+++ b/lib/mpi/mpicoder.c
@@ -255,6 +255,8 @@ void *mpi_get_buffer(MPI a, unsigned *nbytes, int *sign)
        if (!n)
                n++;            /* avoid zero length allocation */
        p = buffer = kmalloc(n, GFP_KERNEL);
+       if (!p)
+               return NULL;
 
        for (i = a->nlimbs - 1; i >= 0; i--) {
                alimb = a->d[i];
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index d661afb..d45061d 100644 (file)
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -99,6 +99,7 @@ static bool ima_match_rules(struct ima_measure_rule_entry *rule,
                            struct inode *inode, enum ima_hooks func, int mask)
 {
        struct task_struct *tsk = current;
+       const struct cred *cred = current_cred();
        int i;
 
        if ((rule->flags & IMA_FUNC) && rule->func != func)
@@ -108,7 +109,7 @@ static bool ima_match_rules(struct ima_measure_rule_entry *rule,
        if ((rule->flags & IMA_FSMAGIC)
            && rule->fsmagic != inode->i_sb->s_magic)
                return false;
-       if ((rule->flags & IMA_UID) && rule->uid != tsk->cred->uid)
+       if ((rule->flags & IMA_UID) && rule->uid != cred->uid)
                return false;
        for (i = 0; i < MAX_LSM_RULES; i++) {
                int rc = 0;
diff --git a/security/keys/user_defined.c b/security/keys/user_defined.c
index 69ff52c..2aee3c5 100644 (file)
--- a/security/keys/user_defined.c
+++ b/security/keys/user_defined.c
@@ -59,7 +59,7 @@ int user_instantiate(struct key *key, const void *data, size_t datalen)
        /* attach the data */
        upayload->datalen = datalen;
        memcpy(upayload->data, data, datalen);
-       rcu_assign_pointer(key->payload.data, upayload);
+       rcu_assign_keypointer(key, upayload);
        ret = 0;
 
 error:
@@ -98,7 +98,7 @@ int user_update(struct key *key, const void *data, size_t datalen)
        if (ret == 0) {
                /* attach the new data, displacing the old */
                zap = key->payload.data;
-               rcu_assign_pointer(key->payload.data, upayload);
+               rcu_assign_keypointer(key, upayload);
                key->expiry = 0;
        }
 
@@ -133,7 +133,7 @@ void user_revoke(struct key *key)
        key_payload_reserve(key, 0);
 
        if (upayload) {
-               rcu_assign_pointer(key->payload.data, NULL);
+               rcu_assign_keypointer(key, NULL);
                kfree_rcu(upayload, rcu);
        }
 }
Pandora Kernel Repository