Skip to content

Commit

Permalink
KEYS: testing wrong bit for KEY_FLAG_REVOKED
Browse files Browse the repository at this point in the history 
The test for "if (cred->request_key_auth->flags & KEY_FLAG_REVOKED) {"
should actually testing that the (1 << KEY_FLAG_REVOKED) bit is set.
The current code actually checks for KEY_FLAG_DEAD.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
  • Loading branch information
Dan Carpenter authored and James Morris committed Mar 7, 2012
1 parent df91e49 commit f67dabb
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion security/keys/process_keys.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -657,7 +657,8 @@ key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags,
goto error;

down_read(&cred->request_key_auth->sem);
if (cred->request_key_auth->flags & KEY_FLAG_REVOKED) {
if (test_bit(KEY_FLAG_REVOKED,
&cred->request_key_auth->flags)) {
key_ref = ERR_PTR(-EKEYREVOKED);
key = NULL;
} else {
Expand Down

0 comments on commit f67dabb

Please sign in to comment.