From ad33001e28f644b504bb8341d5f8b8503b489286 Mon Sep 17 00:00:00 2001 From: David Howells Date: Fri, 11 Jun 2010 17:31:05 +0100 Subject: [PATCH] --- yaml --- r: 201843 b: refs/heads/master c: 9156235b3427d6f01c5c95022f72f381f07583f5 h: refs/heads/master i: 201841: b083741bd7b57ed2675943b84317d8d75a58a2f3 201839: 75acf6e0d171907a1b1bc8c8a28b2979e8fd67fe v: v3 --- [refs] | 2 +- trunk/security/keys/keyctl.c | 17 ++++++++++++++++- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/[refs] b/[refs] index 3c6d072a2eab..cbefca2d44c1 100644 --- a/[refs] +++ b/[refs] @@ -1,2 +1,2 @@ --- -refs/heads/master: 57c2590fb7fd38bd52708ff2716a577d0c2b3c5a +refs/heads/master: 9156235b3427d6f01c5c95022f72f381f07583f5 diff --git a/trunk/security/keys/keyctl.c b/trunk/security/keys/keyctl.c index 6261745e4459..639226afd0db 100644 --- a/trunk/security/keys/keyctl.c +++ b/trunk/security/keys/keyctl.c @@ -1091,7 +1091,7 @@ long keyctl_set_reqkey_keyring(int reqkey_defl) long keyctl_set_timeout(key_serial_t id, unsigned timeout) { struct timespec now; - struct key *key; + struct key *key, *instkey; key_ref_t key_ref; time_t expiry; long ret; @@ -1099,10 +1099,25 @@ long keyctl_set_timeout(key_serial_t id, unsigned timeout) key_ref = lookup_user_key(id, KEY_LOOKUP_CREATE | KEY_LOOKUP_PARTIAL, KEY_SETATTR); if (IS_ERR(key_ref)) { + /* setting the timeout on a key under construction is permitted + * if we have the authorisation token handy */ + if (PTR_ERR(key_ref) == -EACCES) { + instkey = key_get_instantiation_authkey(id); + if (!IS_ERR(instkey)) { + key_put(instkey); + key_ref = lookup_user_key(id, + KEY_LOOKUP_PARTIAL, + 0); + if (!IS_ERR(key_ref)) + goto okay; + } + } + ret = PTR_ERR(key_ref); goto error; } +okay: key = key_ref_to_ptr(key_ref); /* make the changes with the locks held to prevent races */